The Cisco AI Skill Scanner is a tool designed to enhance security for AI agent skills by identifying vulnerabilities such as prompt injection, data exfiltration, and malicious code patterns. It uses a mix of pattern-based detection (leveraging YAML and YARA), large language model (LLM) analysis, and behavioral dataflow examination to provide comprehensive threat assessments. The scanner supports OpenAI Codex and Cursor Agent Skills formats in line with the Agent Skills specification, making it versatile for different development environments. Key features include multi-engine detection, which combines static analysis, behavioral dataflow, LLM semantic analysis, and cloud-based scanning. It also boasts a meta-analyzer that filters out false positives, enhancing the accuracy of threat detection. The tool is CI/CD ready, producing SARIF output for seamless integration with GitHub Code Scanning and providing exit codes for build failures. The extensible plugin architecture allows developers to create custom analyzers as needed. Installation requires Python 3.10 or higher, and users can choose specific cloud provider support such as AWS Bedrock, Google Vertex AI, and Azure OpenAI through pip. The scanner commands allow for various scanning options, including static and behavioral analysis, as well as the ability to disable specific noisy rules or apply custom YARA rules. The output can be saved in multiple formats, supporting both individual skill scans and bulk scans for multiple skills.