Introducing Chainguard Agent Skills: Securing the AI Software Development Workflow

Secure-by-default AI agent skills offer continuously hardened, reviewed, and published skills with full audit history

KIRKLAND, Wash., March 17, 2026 /PRNewswire/ -- Chainguard, the trusted source for open source, today announced Chainguard Agent Skills, a continuously maintained catalog of hardened AI agent skills. Agent Skills enables developers to frictionlessly install top skills to drive more value and expand the use cases of their agents without extending their attack surface. Applying Chainguard's proven secure-by-default approach to this emerging class of software artifacts, Agent Skills automatically ingests skills from open source registries, reviews them against a security and quality ruleset, hardens them using Chainguard reconciliation agents, and publishes them with a complete audit trail.

AI agent skills are proliferating without guardrails

AI agent skills, or small, modular instruction sets that extend what an AI agent can do, are rapidly spreading across platforms such as Claude Code, Codex, and OpenClaw¹. Developers install skills to add capabilities such as browser automation, PDF processing, database access, and code-generation workflows. With wide distribution, deep permissions, and no oversight, agent skills have become the latest target of widespread supply chain attacks. Recently, attackers uploaded dozens of malicious skills to OpenClaw registries that appeared legitimate but secretly instructed AI agents to install a fake CLI tool that delivered the Atomic macOS Stealer (AMOS). Thirty-nine malicious skills and more than 2,200 variants turned agents into unwitting intermediaries in a full supply chain attack.

"Container images showed us how quickly software artifacts can become supply chain risks once they're adopted and trusted at scale. AI agent skills are emerging along an even faster trajectory," said Dan Lorenc, CEO and Co-founder, Chainguard. "As AI agents become embedded in the software development lifecycle, the skills that shape their behavior become part of the supply chain itself. With Agent Skills, Chainguard is bringing continuous hardening and verifiable integrity to that layer, so organizations can build with AI on a secure foundation."

A continuously reconciled catalog of hardened skills

As AI agents become intermediaries in software development, Chainguard is ensuring the artifacts they rely on adopt a secure-by-default posture like Chainguard Containers, Libraries, and VMs. Chainguard Agent Skills uses the AI-native Chainguard Factory to continuously reconcile a catalog of agent skills that have been automatically reviewed and hardened against a growing set of security and quality rules, designed to prevent the exact attack vectors from recent malware campaigns. The system ingests skills from community registries, evaluates them using deterministic and agentic checks, and uses an agent to apply one fix at a time. Skills that pass all active rules are published with a full PR-based audit trail.

Operating as a reconciliation loop, when an upstream skill changes, Agent Skills automatically rehardens the skill to ensure the catalog continuously aligns with the desired state. Developers can install a hardened skill in seconds and trust that its permissions are scoped, the description is accurate, and shell access is restricted. Later this year, Agent Skills will evolve to include expanded rule sets, broader repository coverage, the ability to harden proprietary skills, and custom policy configurations. By extending its trusted open source model to AI agent skills, Chainguard is securing a foundational layer of the AI software development lifecycle.

"The rapid growth of agent ecosystems is expanding the software supply chain attack surface. Agent skills extend what AI systems can do, but they also introduce new risks when distributed without meaningful oversight," said Katie Norton, Research Manager, IDC. "Treating skills like third-party components, with consistent validation, hardening, and transparent maintenance, will be important to preserving trust in AI-driven development."

Chainguard Agent Skills is available in beta. To be among the first to try Chainguard Agent Skills, visit https://www.chainguard.dev/agent-skills.

About Chainguard

Chainguard is the trusted source for open source. By delivering hardened, secure, and production-ready builds of all the open source software engineers and AI agents rely on, Chainguard helps organizations build faster, stay compliant, and eliminate risk. Its customers include Fortune 500 enterprises and global industry leaders, including Anduril, Canva, Fortinet, Hewlett Packard Enterprise, OpenAI, Snap Inc., and Snowflake. Chainguard is venture-backed by leading investors, including Amplify, IVP, Kleiner Perkins, Lightspeed Venture Partners, Mantis VC, Redpoint Ventures, Sequoia Capital, and Spark Capital. For more information, visit: https://www.chainguard.dev/

¹ All trademarks are the property of their respective owners.

View original content to download multimedia:https://www.prnewswire.com/news-releases/introducing-chainguard-agent-skills-securing-the-ai-software-development-workflow-302715407.html

SOURCE Chainguard