Certik launches ‘anti-virus’ to scan AI skill risks

On May 27 Certik introduced Certik Skill Scanner, described by the company as an ‘anti-virus for AI agents.’ The platform scans third-party AI skills for risks that appear when a skill runs, and flags hidden or malicious behavior before execution in agent environments.

Security researchers have warned that many skills in public marketplaces receive little review and can perform system-level actions. Audits of the sector have identified threats including credential harvesting, data exfiltration, manipulation of fund transfers and prompt-based override attacks that can change an agent’s intended execution flow or access sensitive assets at runtime.

Certik says the scanner evaluates risks that emerge during execution, including scenarios involving financial transactions or fund calls. The system produces a numerical score from 0 to 100, returns a verdict of pass, warn or fail, and generates categorized findings for developers and platform operators to review. The company reports the tool can reach up to 90.5% precision in identifying security risks.

Marketplaces can add the scanner to publishing pipelines so skills are automatically reviewed before they go live and security verdicts are shown to users. Enterprises can incorporate the tool into compliance and risk-management workflows, and independent developers can run self-audits before publishing. Certik says the scanner is already deployed in selected Web3 AI agent infrastructure and that it is expanding integrations with additional platforms, including Finchip.ai. The company plans an update to let everyday users scan skills before installation.

Ronghui Gu, Certik’s CEO and co-founder, described the scanner as a way to create a standardized trust layer before execution and to help platforms and users detect hidden risks before data, assets or systems are exposed.

“Trust is the prerequisite for any skill economy to function at scale,” commented Gary Yang, an incubation investor at Finchip.ai. He added that security verification of skills supports Finchip.ai’s goals for programmable skill ownership and distribution.

Earlier this year Certik launched an AI Auditor initiative to address risks tied to autonomous systems and AI-driven execution environments. Gu has warned that growing autonomous execution in AI applications creates a new category of security and trust challenges and called for security infrastructure that acts proactively.

AI skill marketplaces have expanded as agent ecosystems have matured. Unlike traditional app stores, most skills are sourced from public repositories and receive little or no review. Certik’s scanner is presented as a pre-execution verification layer intended to reduce software supply-chain risk created by unvetted third-party skills.