Sign up to save your podcasts
Or
Share Episode 08 | Introducing SandyClaw: Dynamic Analysis for Malicious Skills and Prompts
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 08 | Introducing SandyClaw: Dynamic Analysis for Malicious Skills and Prompts
AI agent skill marketplaces are the new software supply chain, and attackers are already exploiting them. In this episode of All About Identity, Ian Ahl walks through real examples of credential-stealing and deceptive skills, explains why static scanning and single-LLM reviews fall short, and introduces SandyClaw, Permiso's dynamic analysis platform for AI agent skills and prompts.
Ian breaks down how SandyClaw combines static analysis, runtime detonation, network and file monitoring, and multiple detection engines to determine whether a skill is benign, suspicious, or malicious. He also demos the platform, shows how users can search previously scanned skills or submit their own for analysis, and shares his vision for making SandyClaw the "VirusTotal for skills."
Try SandyClaw at sandyclaw.permiso.io.
View all episodes
By Permiso SecurityAI agent skill marketplaces are the new software supply chain, and attackers are already exploiting them. In this episode of All About Identity, Ian Ahl walks through real examples of credential-stealing and deceptive skills, explains why static scanning and single-LLM reviews fall short, and introduces SandyClaw, Permiso's dynamic analysis platform for AI agent skills and prompts.
Ian breaks down how SandyClaw combines static analysis, runtime detonation, network and file monitoring, and multiple detection engines to determine whether a skill is benign, suspicious, or malicious. He also demos the platform, shows how users can search previously scanned skills or submit their own for analysis, and shares his vision for making SandyClaw the "VirusTotal for skills."
Try SandyClaw at sandyclaw.permiso.io.