Toxic Flows: When Your Agent Skill Becomes a Supply Chain Attack (June 18th)
Thursday, June 18th, 2026: 11:00 AM to 12:00 PM
Virtual
When a developer installs an AI agent skill, they are making a trust decision they almost certainly do not know they are making. Snyk’s ToxicSkills research into 3,000+ skills from ClawHub and skills.sh found that 36% contain security flaws and 13% contain critical issues, including credential theft, backdoor installation, and active prompt injection payloads. And 91% of confirmed malicious skills combine traditional malware with prompt injection in a single artifact.
This is not a theoretical risk. This is a supply chain that is already under active exploitation. In this session, we’ll examine three documented attack chains and define what a rigorous defense of the agentic action layer requires.
We’ll explore:
- A deep dive into how malicious skills operate, illustrated by recent attacks
- Tactics to mitigate risks in the AI skill supply chain
- Actionable strategies to defend the agentic action layer
Hosted by Security Boulevard