Feature Request: Map SkillSpector Detection Patterns to OWASP Agentic Skills Top 10 (AST10)
Summary
SkillSpector's 64 detection patterns across 16 categories provide strong coverage of the attack surface described in the OWASP Agentic Skills Top 10 (AST10). However, there is currently no explicit mapping between SkillSpector rule IDs and AST10 risks. Adding this mapping would:
- Help security teams justify SkillSpector adoption against a recognized framework
- Make scan reports more actionable ("this finding maps to AST04: Insecure Skill Composition")
- Identify any AST10 risks with gaps in current coverage
- Align with how AppSec teams already reason about OWASP frameworks
Proposed Deliverables
- Coverage matrix — a table mapping each AST10 risk (AST01–AST10) to the SkillSpector rule IDs that address it, with a coverage assessment (full / partial / gap)
- Rule metadata — add an optional
owasp_ast10 field to each pattern definition so it surfaces in JSON/SARIF output
- Gap analysis — document any AST10 risks not currently covered and propose new patterns or LLM prompts to close them
- Docs page — add a
docs/owasp-mapping.md that can be referenced in reports and READMEs
Reference
Initial Draft Mapping (for discussion)
| AST10 Risk |
SkillSpector Rules (candidate) |
Coverage |
| AST01 – Malicious Skill Distribution |
SC3, SC4, SC6, YR1, YR2 |
Partial |
| AST02 – Unsafe Execution Context |
AST1–AST8, TT5 |
Strong |
| AST03 – Excessive Permissions |
PE1–PE3, LP1–LP4, EA1 |
Strong |
| AST04 – Insecure Skill Composition |
SC1, SC2, SC5, TM2 |
Partial |
| AST05 – Prompt Injection via Skills |
P1–P5, MP1–MP3, TP1–TP4 |
Strong |
| AST06 – Data Exfiltration |
E1–E4, TT3, TT4 |
Strong |
| AST07 – Insufficient Sandboxing |
AST4, AST5, EA2, EA4 |
Partial |
| AST08 – Skill Identity Spoofing |
TR2, TP2 |
Weak |
| AST09 – Lack of Audit & Governance |
OH1–OH3, P6–P8 |
Partial |
| AST10 – Missing Skill Metadata Standard |
LP3, LP4 |
Weak |
The table above is a starting point. I may have the AST IDs slightly off and some rules could map to multiple risks. Happy to collaborate on a more precise version.
Willingness to Contribute
I'm happy to draft the docs/owasp-mapping.md if the maintainers can confirm the intended AST10 risk numbering and whether rule metadata extension is in scope.
Feature Request: Map SkillSpector Detection Patterns to OWASP Agentic Skills Top 10 (AST10)
Summary
SkillSpector's 64 detection patterns across 16 categories provide strong coverage of the attack surface described in the OWASP Agentic Skills Top 10 (AST10). However, there is currently no explicit mapping between SkillSpector rule IDs and AST10 risks. Adding this mapping would:
Proposed Deliverables
owasp_ast10field to each pattern definition so it surfaces in JSON/SARIF outputdocs/owasp-mapping.mdthat can be referenced in reports and READMEsReference
Initial Draft Mapping (for discussion)
The table above is a starting point. I may have the AST IDs slightly off and some rules could map to multiple risks. Happy to collaborate on a more precise version.
Willingness to Contribute
I'm happy to draft the
docs/owasp-mapping.mdif the maintainers can confirm the intended AST10 risk numbering and whether rule metadata extension is in scope.