Risk differences across agent skill types

Ascertain whether certain agent skill types—defined by functional categories such as Development Tools, External Integrations, System Administration, Data Analysis, Security/Red-team, Documentation, and Communication—are riskier than others by comparing vulnerability prevalence across these categories.

Background

The ecosystem comprises diverse functional categories of skills that may request different permissions and include varying amounts of executable code, potentially affecting their security risk profiles.

The authors explicitly pose whether some skill types are riskier, motivating stratified analysis to determine category-level prevalence and inform platform defenses and developer guidance.

References

Basic questions remain open. Are certain skill types riskier than others?

— Agent Skills in the Wild: An Empirical Study of Security Vulnerabilities at Scale (2601.10338 - Liu et al., 15 Jan 2026) in Section 1 (Introduction)

Risk differences across agent skill types

Background

References

Related Problems