All articles are carefully reviewed and reviewed by leading blockchain experts and industry experts.
- CertiK has launched Skill Scanner, a security tool designed to scan third-party AI Skills before they are used by AI agents.
- The tool combats threats such as hidden malicious practices, unauthorized access to data and autonomous killing on Web3 and Web2.
CertiK is pushing deeper into AI security with the launch of the CertiK Skill Scanner, a product designed to evaluate third-party AI Skills before they are installed, published or approved for use within companies.
The company describes the tool as something close to the antivirus layer of AI was an assistant. The comparison is not perfect, but it gets to the point. AI assistants aren’t just answering questions on a chat screen. They are starting to call external tools, read files, start operations, move data between systems and, in the most difficult cases, interact with financial infrastructure.
That changes the security equation. Bad browsing can be dangerous. Bad AI technology connected to an autonomous agent can be even worse, because the agent can act quickly and in real time without the user’s attention.
AI capabilities create a new threat
AI technologies are becoming plugins of the assistant economy. They expand what an AI agent can do, from pulling information and automating tasks to performing financial transactions and communicating with Web3 protocols. Each additional skill, however, creates another point where something can go wrong.
That threat is not limited to well-known malware. A skill may request more information than necessary, behave differently than expected, initiate unauthorized API calls or silently create objects to be misused. In the financial world, the concern is even greater. A tool that can initiate phone calls, sign requests for work flow or plan events requires a different evaluation and increase simple productivity.
CertiK said the Skill Scanner is designed to detect hidden malicious practices, unauthorized access to data and threats to kill malicious systems before they are exposed. Unlike AI intelligence tools, the company says its products focus on the risks that can arise during executions, including crimes related to financial and financial transactions.
Ronghui Gu, CEO and co-founder of CertiK, said the security approach around third-party expertise is becoming increasingly important as AI agents move into financial processes, business processes and everyday digital services.
“CertiK Skill Scanner was built to establish a secure environment of trust before it is killed, helping users and platforms identify hidden threats before data, assets, or systems are compromised,” said Gu.
Markets, businesses and developers are first in line
The primary target groups are AI Skill markets, businesses and developers. Markets can include scanners in their print pipelines, so Skills are reviewed before they start. They can also present CertiK judgments as indicators of reliability for users when choosing to implement third-party Competencies.
For businesses, the operating system is very secure. Companies that test AI assistants internally need a way to evaluate third-party AI before they enter the production environment or affect customer data, internal processes or customer behavior. This is where the scoring system comes in handy. It gives security teams something more tangible than a vendor’s product or manufacturer’s description.
Independent developers can also use the scanner to self-read Skills before they are published. CertiK says future updates will expand access to day-to-day users, allowing people to scan the Skills themselves before installing or using them.
The scanner produces a score from 0 to 100, with “pass,” “warning” or “fail” judgments and a list of findings in order of severity. CertiK claims the system achieves up to 90.5% accuracy in identifying security risks, with the aim of reducing false positives and making AI Skill assessments more reliable.
The product is already installed in the selected Web3 AI agent environment. CertiK is also working on integration with other AI Skill platforms, including FinChip.ai.
The launch follows CertiK’s expansion into AI-based security, after the company launched AI Auditor job earlier this year. For a well-known company in Web3 analysis, this move is a logical addition. When AI agents start using code, assets, licenses and business processes, security checks should be done before they are executed, not after the system has already been exposed.
