SkillSync MCP — Security-Gated Skill Management for Claude Code
The only MCP server that gates skill installation behind a full security scan. 60+ threat patterns, 13 tools, 7 supported clients. Search, scan, install, and sync Claude Code skills securely.
35
Basic
Agentic Readiness Score
developer
hostingllms-txtai-friendlysecuritydevtools
Agentic Signals
Found
ai-plugin.json
Not found
OpenAPI Spec
Not found
Structured API
Not found
Allowed
Schema.org Markup
Found
MCP Server
Not found
Embed this badge
Show off your agentic readiness — the badge auto-updates when your score changes.
llms.txt Content
# SkillSync MCP
> Security-gated skill management for AI coding assistants. The only MCP server that gates skill installation behind a full security scan.
## Overview
SkillSync MCP (`@stranzwersweb2/skillsync-mcp`) is an open-source Model Context Protocol (MCP) server that provides security-gated skill management for Claude Code and 6 other MCP-compatible clients. It scans GitHub skill repositories for 60+ threat patterns across 15 categories before allowing installation, permanently blocking critical threats like prompt injection, reverse shells, credential theft, and supply chain attacks.
- **Version**: 1.3.0
- **License**: MIT
- **Author**: Aditya Sugandhi
- **npm**: https://www.npmjs.com/package/@stranzwersweb2/skillsync-mcp
- **GitHub**: https://github.com/adityasugandhi/skillsync-mcp
- **Website**: https://skillsync.js.org/
## Install
```bash
npx -y @stranzwersweb2/skillsync-mcp
```
Or add to Claude Code's `~/.claude/settings.json`:
```json
{
"mcpServers": {
"skillsmp": {
"command": "npx",
"args": ["-y", "@stranzwersweb2/skillsync-mcp"]
}
}
}
```
## 13 MCP Tools
### Search & Discovery
- `skillsmp_search` — Keyword search across SkillsMP marketplace
- `skillsmp_ai_search` — AI-powered semantic search via Cloudflare AI
- `skillsmp_search_safe` — Search + auto-scan top results for security threats
- `skillsmp_suggest` — AI-powered skill recommendations based on installed skills
### Security
- `skillsmp_scan_skill` — Security scan a GitHub skill repo (60+ patterns, 15 categories)
- `skillsmp_compare` — Side-by-side security comparison of two skills
- `skillsmp_audit_installed` — Deep security audit of a specific installed skill
### Skill Management
- `skillsmp_install_skill` — Scan then install to ~/.claude/skills/ (blocks critical threats)
- `skillsmp_uninstall_skill` — Remove an installed skill
- `skillsmp_list_installed` — List all installed skills with risk levels
### Cloud Sync
- `skillsync_configure`