SkillCloak research shows scanners can be bypassed
🛡️ Researchers at the Hong Kong University of Science and Technology show that simple file-level transformations and packing tricks can let malicious AI coding agent "skills" evade existing static scanners while still executing normally. Their tool, SKILLCLOAK, fooled multiple marketplace scanners over 80–99% of the time, while a runtime sandbox, SKILLDETONATE, detected most evasions at the cost of slower analysis. The study highlights active real-world abuse, practical mitigation ideas, and the need to move trust decisions to behavior observed at execution time.
