From 69fbf862bd789ff3bf1b53eec93650d31e707b4c Mon Sep 17 00:00:00 2001
From: Timothy Kassis <timothy.kassis@biostate.ai>
Date: Tue, 3 Mar 2026 08:26:21 -0800
Subject: [PATCH] Add skills scanning

---
 .gitignore |  4 +++-
 README.md  | 13 +++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 2e90db0..73b4c64 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,4 +10,6 @@ uv.lock
 .python-version
 main.py
 
-__pycache__/
\ No newline at end of file
+__pycache__/
+
+.env
\ No newline at end of file
diff --git a/README.md b/README.md
index 220c254..9c8fb9c 100644
--- a/README.md
+++ b/README.md
@@ -587,6 +587,19 @@ We welcome contributions to expand and improve this scientific skills repository
 ✅ Provide clear comments and docstrings in code  
 ✅ Include references to official documentation
 
+### Security Scanning
+
+All skills in this repository are security-scanned using [Cisco AI Defense Skill Scanner](https://github.com/cisco-ai-defense/skill-scanner), an open-source tool that detects prompt injection, data exfiltration, and malicious code patterns in Agent Skills.
+
+If you are contributing a new skill, we recommend running the scanner locally before submitting a pull request:
+
+```bash
+uv pip install cisco-ai-skill-scanner
+skill-scanner scan /path/to/your/skill --use-behavioral
+```
+
+> **Note:** A clean scan result reduces noise in review, but does not guarantee a skill is free of all risk. Contributed skills are also reviewed manually before merging.
+
 ### Recognition
 
 Contributors are recognized in our community and may be featured in: