As AI Agents become increasingly integrated into financial systems, enterprise workflows, and everyday digital interactions, the security risks behind them are gradually surfacing. On May 27, CertiK, the world's largest Web3 security company, officially launched the "CertiK Skill Scanner," a Skill security scanning product aimed at the AI Agent ecosystem, referred to in the industry as the "antivirus software of the AI era."

According to reports, this product primarily targets the AI Skill market, enterprises, and independent developers, aiming to establish a standardized security review mechanism for AI Skills before execution, to identify potential malicious behavior, data leaks, unauthorized access, and risks associated with autonomous execution in third-party AI Skills.

Filling the Gap in AI Security: Pre-execution Security Verification

Currently, AI Agents are gradually gaining the ability to read data, call external systems, execute code, and even initiate digital asset transactions, but there is still a lack of a unified "pre-execution security verification" mechanism in the industry. Against the backdrop of accelerating AI applications and the rapid expansion of plugin ecosystems, the credibility of third-party Skills has begun to attract market attention.

Gu Ronghui, co-founder and CEO of CertiK, pointed out that every significant technological transformation creates a window of opportunity, during which security is the key to success or failure. "We saw this in the blockchain space, and we are seeing this trend again in the AI Agent field."

He stated that AI Agents are gradually entering financial systems, enterprise workflows, and broader digital scenarios, and the security verification of third-party Skills will become an essential part of AI infrastructure. The security framework of the future AI era needs to possess "proactive defense" capabilities, rather than responding passively after risks occur.

Unlike traditional general AI scanning tools, the design focus of CertiK Skill Scanner is not limited to static code analysis but can also assess risks that may arise during actual execution. This is particularly crucial in scenarios involving fund calls and financial transactions, as many risks only become apparent when Skills are actually running.

Five Core Risk Categories and an Accurate Scoring System

It is reported that CertiK Skill Scanner supports uploading AI Skills via GitHub repositories, URLs, or ZIP files and detects around five core risk categories:

• Malicious Behavior Detection: Detecting potential destructive or hidden malicious operations
• Data Leak Risk Assessment: Encompassing scenarios where Skills silently transmit user information to external servers
• Unauthorized Network Activities: Capturing outbound connection behavior beyond the stated scope of Skills
• Shell Execution Permission Review: Screening for risks of Skills attempting to run system-level commands
• File System Abuse Detection: Preventing Skills from accessing files outside of their permissions

CertiK stated that the current risk identification accuracy of the system has reached 90.5%, effectively reducing false positives and enhancing the reliability of AI Skill risk assessments. The scanning results will generate a security score from 0 to 100, along with risk results like "Pass / Warn / Fail" and categorized issue reports.

Wide Application Across Ecosystems and Industry Validation

CertiK Skill Scanner is suitable for both the Web3 ecosystem and the traditional Web2 market. Its target audience includes all users of AI Skills:

• AI Skill Market: Can be directly integrated into the publishing process to automatically perform security reviews before Skills go live, displaying CertiK's security assessment as a trust signal for users at the time of selection
• Enterprise Users: Can use it as part of internal compliance and risk management workflows to evaluate third-party AI Skills before entering the production environment
• Independent Developers: Can utilize this tool for self-audits before Skills are published, proactively addressing security issues
• The General Public: CertiK plans to open direct access permissions in future product updates, allowing individual users to scan Skills before installation or use

Currently, this product has already been applied in parts of the Web3 AI Agent ecosystem. Pieverse has integrated CertiK Skill Scanner into its AI Agent Skill store as a security audit mechanism before Skills go live and are called. Pieverse's CEO Colin stated: "Only when users and builders trust the Skills executed by Agents can the Agent ecosystem achieve scalable development."

Additionally, CertiK is advancing collaborations with more AI Skill platforms such as FinChip.ai. Gary Yang, an investor in FinChip.ai, stated: "For any 'Skill economy' to operate at scale, trust is the most essential prerequisite. The Skill security verification mechanism that CertiK is promoting is a crucial infrastructure currently lacking in this ecosystem, making FinChip's vision of programmable Skill ownership and distribution more relevant."

Extending Security Infrastructure: From Web3 to AI

Founded in 2017, CertiK is now the largest Web3 security company in the world. The company has served over 5,000 enterprise clients, including Binance and Ant Group. Today, this institution, which has a deep foundation in blockchain infrastructure assessment, code auditing, and compliance, is further expanding its security experience into the AI domain, providing foundational security support for the rapidly evolving AI Agent ecosystem.

The launch of the Skill Scanner is seen as an important move by CertiK to continue expanding the AI security landscape following the release of AI Auditor in April. Within the industry, it is perceived that as AI Agents gradually acquire capabilities in code execution, system calls, and asset operations, the core security issues in AI are extending from the models themselves to "execution layer security" and "third-party Skill credibility." The next-generation security infrastructure, including CertiK Skill Scanner, may become an indispensable part of the scaling process in the AI Agent ecosystem.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。