Malwar: A Vulnerability Scanner for SKILL.md Files Built with Claude Code

Malwar is a vulnerability scanner specifically for SKILL.md files used by AI coding agents. It addresses a gap in security tooling where traditional code scanners look for malicious code, but SKILL.md files contain natural language instructions that can pose a different threat.

What Malwar Does

The tool runs a 4-layer pipeline against skill files:

• Rule engine
• URL crawler
• LLM analysis layer
• Threat intel

Why It Was Built

The developer was building agentic workflows and realized they were "blindly pulling skills from ClawHub and trusting them." After manually reading through skills, they found several concerning patterns that would raise red flags in other contexts:

• Base64 blobs
• Instructions telling the agent to curl something and pipe it to bash
• Weirdly specific references to file paths where credentials live

The developer notes: "The kind of thing that if you saw it in a shell script you'd close the tab immediately."

Technical Implementation

The entire tool was built with Claude Code, including:

• Architecture
• Detection rules
• The LLM analysis layer
• The REST API

The developer states: "Honestly couldn't have shipped it at this scope solo without it."

Availability

Malwar is free to use with source available on GitHub at https://ap6pack.github.io/malwar/.