Summary
A security review framework that treats every external input as hostile until proven otherwise. Built by SlowMist from real incident response work, it gives Claude structured checklists for vetting skills, MCP servers, GitHub repos, documents, on-chain addresses, and product recommendations before installation or execution. Routes different trigger scenarios to specific review templates with a four-level risk rating system. The core discipline is solid: never run code blocks from external docs, escalate high-risk decisions to humans, and prefer false positives over missed threats. If you're building agents that interact with untrusted content or handle anything financial, this codifies the paranoia you should already have.
Install to Claude Code
npx -y skills add slowmist/slowmist-agent-security --skill slowmist-agent-security --agent claude-codeInstalls into .claude/skills of the current project.
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →Files
SKILL.md
Select a file.
Featured
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
