AI skills are rapidly becoming the primary execution layer of enterprise AI, enabling agents to automate workflows, access systems, and act autonomously at scale. Of 52,755 skills analyzed across major marketplaces, 2.1% were flagged as unsafe — and of those, 62.9% were confirmed malicious, with the remaining 37.1% exhibiting suspicious behavior.
While 2.1% may appear negligible, it is exceptionally high by malware standards — and the stakes are amplified by the fact that skills routinely operate with the same privileges as human users. From credential harvesting to prompt injection and remote code execution, this largely unexamined attack surface is already being actively exploited. Continuous detection and governance are no longer optional: if skills are the "apps" of AI, skill security must become a first-class discipline.
