SkillSpector can be installed into Pi as a local package. The extension registers a skillspector_scan tool that runs the existing SkillSpector CLI.
- Pi installed.
- Python
>=3.12,<3.15. uvrecommended.- This repo checked out locally.
cd /path/to/SkillSpector
uv sync
pi install /path/to/SkillSpectorThen reload Pi:
/reload
Ask Pi:
Use skillspector_scan on tests/fixtures/safe_skill/SKILL.md with noLlm=true.
Equivalent CLI:
.venv/bin/skillspector scan tests/fixtures/safe_skill/SKILL.md --no-llmtarget: path, URL, zip, Git repo, orSKILL.mdto scan.format:terminal,json,markdown, orsarif. Default:terminal.output: optional report path.noLlm: defaulttrue.provider: optionalopenai,anthropic,anthropic_proxy,nv_build, ornv_inference.model: optional model override.yaraRulesDir: optional directory of extra YARA rules.verbose: optional detailed progress.
Static scan is default. To use semantic LLM analysis, configure provider credentials in your shell before launching Pi, then call the tool with noLlm=false and a provider.
Example:
Use skillspector_scan on ./my-skill with noLlm=false and provider=anthropic.
The extension does not read .env and redacts secret-looking output.
pi remove /path/to/SkillSpector