Bitdefender released a skill scanner for malware in agent skills. But even with clean skills, the agent itself can be manipulated if the system prompt isn't robust – a crafted message can trick it into leaking credentials or forwarding data.
You select your agent's capabilities (email, files, terminal, browser) and it runs adversarial prompts against your config. Shows what got blocked vs what went through.
Open source: https://github.com/marti-farre/temper-llm
Looking for feedback on what attack vectors to add.