ATR-2026-00124 | high | Skill Compromise | experimental

Skill Squatting / Typosquatting

Detects skills impersonating known publishers or using typosquatted names. VirusTotal documented threat actor "hightower6eu" publishing 314 skills with legitimate-sounding names delivering AMOS infostealers. OWASP AST04 covers insecure metadata including fake brand impersonation. This rule only flags skills from UNKNOWN publishers that claim to be official. Skills from verified publishers (anthropics, vercel-labs, microsoft, github, google) are excluded.

Severity
high
Category
Skill Compromise
Scan target
skill
Author
ATR Community

Recommended response

alert

References

OWASP Agentic
ASI04:2026 - Supply Chain Compromise
OWASP LLM
LLM03:2025 - Supply Chain Vulnerabilities
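
The check described in the rule summary above, as an added example; this is not the ATR rule's own logic. It skips the verified publishers listed on this page and flags unknown publishers whose name is a near-miss of a verified one or whose metadata claims official status. The claim regex, the edit-distance threshold of 2 and the sample skills are assumptions constructed for illustration.

```python
import re

# Verified publishers named on this page; skills from them are excluded.
VERIFIED_PUBLISHERS = {"anthropics", "vercel-labs", "microsoft", "github", "google"}
# Assumption: wording treated as a claim to be official.
OFFICIAL_CLAIM = re.compile(r"\b(official|officially|verified)\b", re.I)
MAX_TYPO_DISTANCE = 2  # assumption: 1-2 edits counts as a lookalike


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_skill(publisher: str, name: str, description: str) -> list[str]:
    """Return reasons the skill metadata looks like squatting (empty list = no alert)."""
    pub = publisher.strip().lower()
    if pub in VERIFIED_PUBLISHERS:
        return []  # verified publisher: rule does not apply
    reasons = []
    # Typosquatted publisher name, e.g. swapped or dropped letters.
    for known in sorted(VERIFIED_PUBLISHERS):
        if 0 < edit_distance(pub, known) <= MAX_TYPO_DISTANCE:
            reasons.append(f"publisher '{pub}' resembles verified publisher '{known}'")
    # Unknown publisher claiming to be official, optionally naming a verified brand.
    text = f"{name} {description}".lower()
    if OFFICIAL_CLAIM.search(text):
        brands = [k for k in sorted(VERIFIED_PUBLISHERS)
                  if re.search(rf"(?<![a-z0-9]){re.escape(k)}(?![a-z0-9])", text)]
        reasons.append(f"unknown publisher '{pub}' claims official status "
                       f"(brands named: {', '.join(brands) or 'none'})")
    return reasons


if __name__ == "__main__":
    # Constructed sample metadata: (publisher, skill name, description).
    samples = [
        ("anthropics", "pdf-tools", "Official PDF skill"),
        ("mircosoft", "office-helper", "Helps with documents"),
        ("dev-tools-hub", "github-official-deploy", "Official GitHub deployment skill"),
        ("jane-doe", "markdown-lint", "Lints markdown files"),
    ]
    for pub, name, desc in samples:
        print(f"{pub}/{name}: {check_skill(pub, name, desc) or 'no alert'}")
```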