Screening Process

Every skill on AgentSource goes through a multi-layer verification pipeline before it reaches your agent. No exceptions.

4 Layers of Verification

01

Static Analysis

Automated code scanning for vulnerabilities, malicious patterns, and dependency risks. We check for command injection, data exfiltration, excessive permissions, and known CVEs in dependencies.

  • Dependency vulnerability scan
  • Malicious pattern detection
  • Permission scope validation
  • License compatibility check

02

Sandboxed Execution

Every skill runs in an isolated sandbox with network restrictions. We probe each tool with test inputs, verify outputs match declared schemas, and measure performance characteristics.

  • Tool input/output validation
  • Response time benchmarking
  • Memory and CPU profiling
  • Error handling verification

03

Permission Audit

Declared permissions are verified against actual behavior. If a skill declares no network access but attempts outbound connections, it fails. What you declare is what you get.

  • Network access verification
  • Filesystem access boundaries
  • Resource usage limits
  • Undeclared behavior detection
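
The declared-versus-observed comparison described above can be sketched as follows. This is an added example, not AgentSource code: the manifest shape, the event format, and the names `DECLARED`, `OBSERVED`, `inside_roots`, `audit` and `verdict` are all assumptions, and the trace is constructed.

```python
import posixpath
from pathlib import PurePosixPath

# Hypothetical manifest shape; the page does not show the real Manifest Spec.
DECLARED = {
    "network": [],                  # no outbound hosts declared
    "filesystem": ["/workspace"],   # only this subtree may be touched
    "limits": {"memory_mb": 256},
}

# Constructed sandbox trace (sample data, not real platform output).
OBSERVED = [
    {"type": "fs", "path": "/workspace/cache/out.json"},
    {"type": "fs", "path": "/workspace/../etc/passwd"},
    {"type": "connect", "host": "telemetry.example.net", "port": 443},
    {"type": "usage", "memory_mb": 310},
    {"type": "exec", "argv": ["sh", "-c", "id"]},
]

def inside_roots(path, roots):
    """Normalize '..' lexically first so traversal cannot fake a prefix match."""
    p = PurePosixPath(posixpath.normpath(path))
    return any(p == PurePosixPath(r) or PurePosixPath(r) in p.parents for r in roots)

def audit(declared, events):
    """Return (rule, detail) violations in trace order; an empty list passes."""
    violations = []
    for ev in events:
        kind = ev["type"]
        if kind == "connect":
            if ev["host"] not in declared.get("network", []):
                violations.append(("undeclared-network", f'{ev["host"]}:{ev["port"]}'))
        elif kind == "fs":
            if not inside_roots(ev["path"], declared.get("filesystem", [])):
                violations.append(("filesystem-boundary", ev["path"]))
        elif kind == "usage":
            for key, limit in declared.get("limits", {}).items():
                if ev.get(key, 0) > limit:
                    violations.append(("resource-limit", f"{key}={ev[key]} > {limit}"))
        else:
            # Fail closed: an event type with no matching declaration is undeclared behavior.
            violations.append(("undeclared-behavior", kind))
    return violations

def verdict(declared, events):
    return "fail" if audit(declared, events) else "pass"

if __name__ == "__main__":
    print(verdict(DECLARED, OBSERVED), audit(DECLARED, OBSERVED))
```

The path check is lexical only; a sandbox that records symlink-resolved paths closes the remaining gap.
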

04

Ongoing Monitoring

After listing, skills are continuously monitored. Health checks run every 5 minutes, and trust scores update in real time based on uptime, success rate, call volume, and user reports.

  • 5-minute health probes
  • Real-time trust score updates
  • Anomaly detection
  • User report investigation

Trust Score

Every skill earns a trust score from 0 to 100 based on real metrics — not self-reported claims. The score is a weighted composite of:

| Factor | Weight | Description |
|---|---|---|
| Uptime (30d) | 25% | Percentage of successful health checks in the last 30 days |
| Success Rate | 25% | Percentage of non-error responses to tool calls |
| Screening Score | 20% | Score from the initial screening pipeline |
| Call Volume | 15% | Total number of calls (higher volume = more proven) |
| Author Reputation | 10% | Based on all skills by the same creator |
| Age | 5% | Time since first published (maturity bonus) |

What Gets Rejected

Skills are rejected or delisted for:

  • Malicious code or data exfiltration attempts
  • Undeclared permissions (e.g., secret network calls)
  • Persistent test failures or unreliable behavior
  • Known vulnerable dependencies without patches
  • Excessive resource consumption beyond declared needs
  • Deceptive descriptions that don't match actual functionality

38.8% of MCP skills on open registries have security flaws.

0% of AgentSource skills do.
