Certik Unveils 'Anti-Virus for AI Agents' as Skill Marketplaces Face Hidden Threats
Briefly

CertiK launched a security platform to evaluate risks in third-party AI skills used by agent ecosystems. The platform targets security concerns in AI skill marketplaces, where many skills come from public repositories with little or no review. Researchers warn that unvetted skills can perform system-level actions and include hidden malicious behavior, creating software supply chain risk. Sector audits report threats such as credential harvesting, data exfiltration, fund-transfer manipulation, and prompt-based override attacks. CertiK’s skill scanner evaluates risks that appear during execution, including scenarios involving financial transactions or fund calls. It outputs a 0–100 numerical score, pass/warn/fail verdicts, and categorized findings, with up to 90.5% precision in identifying security risks.
"Blockchain and AI security firm Certik, on May 27, unveiled a new security platform designed to evaluate risks in third-party artificial intelligence (AI) skills. Dubbed the anti-virus for AI agents, the release comes amid growing industry concern over the security of AI skill marketplaces. Security researchers have warned that many of these skills are unvetted, can execute system-level actions and may contain hidden malicious behavior, creating a new software supply chain risk for the AI era."
"Security audits across the sector have identified risks ranging from credential harvesting and data exfiltration to fund-transfer manipulation and prompt-based override attacks. Despite these concerns, AI skill marketplaces have expanded rapidly as agent ecosystems mature. However, unlike traditional app stores, most skills are sourced from public repositories with little or no review. Analysts say this creates opportunities for attackers to embed harmful instructions, trigger unauthorized data access or manipulate autonomous execution flows."
"In a recent blog post, Certik said its skill scanner platform is designed specifically to evaluate risks that emerge during execution, including scenarios involving financial transactions or fund calls. The scanner produces a numerical score from 0 to 100, along with pass, warn or fail verdicts and categorized findings. According to the company, the system achieves up to 90.5% precision in identifying security risks."
Read at news.bitcoin.com