Under the Hood of SKILL.md: Semantic Supply-chain Attacks on AI Agent Skill Registry

ArXi:2605.11418v1 Announce Type: new Autonomous AI agents increasingly extend their capabilities through Agent Skills: modular filesystem packages whose SKILL.md files describe when and how agents should use them. While this design enables scalable, on-demand capability expansion, it also