ATR-2026-00124highSkill Compromiseexperimental

Skill Squatting / Typosquatting

Detects skills impersonating known publishers or using typosquatted names. VirusTotal documented threat actor "hightower6eu" publishing 314 skills with legitimate-sounding names delivering AMOS infostealers. OWASP AST04 covers insecure metadata including fake brand impersonation. This rule only flags skills from UNKNOWN publishers that claim to be official. Skills from verified publishers (anthropics, vercel-labs, microsoft, github, google) are excluded.

Severity

high

Response Actions

alertalert

References

OWASP Agentic

ASI04:2026 - Supply Chain Compromise

OWASP LLM

LLM03:2025 - Supply Chain Vulnerabilities

View full YAML on GitHub →

More Skill Compromise Rules

ATR-2026-00060highMCP Skill Impersonation and Supply Chain Attack ATR-2026-00120criticalSKILL.md Prompt Injection ATR-2026-00121criticalMalicious Code in Skill Package ATR-2026-00122highWeaponized Skill — Agent as Attack Tool ATR-2026-00123highOver-Privileged Skill — Excessive Permissions