Skip to content
ATR-2026-00147highSkill Compromiseexperimental

Community Fork Impersonation

Detects social engineering that promotes a malicious package as a "community fork" or "enhanced version" of a legitimate tool. Crystallized from 31 adversarial samples.

Severity
high
Category
Skill Compromise
Scan Target
both
Author
ATR Threat Cloud Crystallization

Response Actions

alertblock input

References

OWASP Agentic
ASI04 - Supply Chain Vulnerabilities
OWASP LLM
LLM01:2025 - Prompt Injection
View full YAML on GitHub →

More Skill Compromise Rules

ATR-2026-00060highMCP Skill Impersonation and Supply Chain AttackATR-2026-00120criticalSKILL.md Prompt InjectionATR-2026-00121criticalMalicious Code in Skill PackageATR-2026-00122highWeaponized Skill — Agent as Attack ToolATR-2026-00123highOver-Privileged Skill — Excessive Permissions