Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
SkillCloak Evades AI Scanners with New Techniques

SkillCloak Evades AI Scanners with New Techniques

Posted on July 6, 2026 By CWS

AI Scanners Under Threat

Researchers at the Hong Kong University of Science and Technology have revealed that AI coding agents’ malicious add-on “skills” can easily bypass scanners designed to detect them. A recent study showed that simple alterations can help these skills evade detection while still functioning maliciously.

According to the study, over 90% of scanners failed to detect these altered skills. The team also developed a runtime checker capable of identifying most of the disguised skills that scanners miss.

How SkillCloak Bypasses Scanners

The tool developed by the researchers, known as SkillCloak, modifies malicious skills to appear benign while maintaining their harmful capabilities. SkillCloak employs two primary methods for this transformation.

The first method involves altering the skill’s code to evade pattern recognition by scanners. This is done by swapping characters for look-alikes or splitting commands across lines. The second method, self-extracting packing, hides the malicious payload in directories typically ignored by scanners, such as .git/. The payload is only revealed when the agent executes the skill.

Testing across eight scanners and over 1,600 real-world malicious skills showed that the packing method evaded detection more than 90% of the time, while the lighter rewriting method had an 80% success rate. Cloaked skills performed as effectively as their unaltered counterparts.

Behavioral Monitoring as a Solution

Given the ability of malicious skills to disguise their appearance, the researchers suggest a focus on behavioral monitoring. Their proposed tool, SkillDetonate, observes skills’ actions at the operating-system level, tracking data flows and running instructions only at runtime.

SkillDetonate proved effective in tests, catching 97% of attacks with a 2% false positive rate. In contrast, existing scanners had higher false-positive rates and decreased effectiveness against cloaked skills.

Although SkillDetonate is slower than traditional scanners, taking a few minutes per skill, it offers a more reliable defense by focusing on runtime behavior rather than static analysis.

Real-World Implications and Future Directions

Malicious skills are already prevalent in public marketplaces, with scanners failing to detect them. Bitdefender reported that 17% of skills on one marketplace contained hidden malware. Some of these employed tactics similar to those outlined in the study.

Cisco’s scanner, while effective against unaltered skills, failed to detect cloaked versions, catching only 10% post-alteration. These findings suggest that reliance on static scanning alone is insufficient for security.

To enhance security, the paper recommends combining static scanning with behavioral monitoring. By observing skills at runtime, organizations can better protect their systems from malicious activities.

In conclusion, while SkillCloak presents a significant threat to AI security, tools like SkillDetonate offer promising solutions. By focusing on behavior rather than appearance, organizations can fortify their defenses against increasingly sophisticated threats.

The Hacker News Tags:AI agents, AI security, ClawHub, Cybersecurity, malicious skills, malware evasion, runtime checking, SkillCloak, SkillDetonate, static scanning

Post navigation

Previous Post: SSH Honeypots Overlook Key Non-Interactive Attacks
Next Post: Critical Opera GX Flaw Exposes User Data to Hackers

Related Posts

Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs The Hacker News
APT28’s New PRISMEX Malware Campaign Targets Ukraine APT28’s New PRISMEX Malware Campaign Targets Ukraine The Hacker News
Cybersecurity Updates: Microsoft, Zerion Breaches, and More Cybersecurity Updates: Microsoft, Zerion Breaches, and More The Hacker News
Why the New AI Browsers War is a Nightmare for Security Teams Why the New AI Browsers War is a Nightmare for Security Teams The Hacker News
Active Exploitation of PAN-OS VPN Vulnerability Alert Active Exploitation of PAN-OS VPN Vulnerability Alert The Hacker News
CISA Warns of Active n8n Vulnerability Exploitation CISA Warns of Active n8n Vulnerability Exploitation The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • TrojPix Exploits Pixel Modulation to Leak Data
  • Critical Opera GX Flaw Exposes User Data to Hackers
  • SkillCloak Evades AI Scanners with New Techniques
  • SSH Honeypots Overlook Key Non-Interactive Attacks
  • Opera GX Flaw Allowed Silent Mod Installs, Data Theft

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • TrojPix Exploits Pixel Modulation to Leak Data
  • Critical Opera GX Flaw Exposes User Data to Hackers
  • SkillCloak Evades AI Scanners with New Techniques
  • SSH Honeypots Overlook Key Non-Interactive Attacks
  • Opera GX Flaw Allowed Silent Mod Installs, Data Theft

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark