Claude Agent Skills could be used to deploy malware, researchers say
Anthropic’s Claude Agent Skills feature could be misused by threat actors to spread malicious Skills that execute malware, Cato Networks reported Tuesday.
Claude Agent Skills are custom code modules that can be used to extend the capabilities of Claude AI agents. To use a Skill, users download a folder containing prompts and files that the Claude agent will invoke when performing the intended Skill.
Skills, which were first introduced in October 2025, are often shared amongst Claude users online through social media and repositories like GitHub and are designed to improve automation workflows.
Read more at SC World