LibraryCatalogMCPSkill PacksSkillsAgentsSubmit SkillLearn
Back to Learn

Validation & Certification

Before skills are published to catalogs, they undergo validation to ensure safety, quality, and compliance with the Agent Skills specification.

The Validation Pipeline

Every skill goes through automated validation before review. This ensures consistent quality and catches issues early.

1

Spec Compliance Check

Validates that the SKILL.md follows the Agent Skills specification:

  • Valid YAML frontmatter with required fields
  • Name follows naming conventions (lowercase, hyphens)
  • Description within length limits
  • Proper markdown structure
2

Safety Scan

AI-powered analysis to detect potential risks:

  • Prompt injection vulnerabilities
  • Dangerous command patterns
  • Data exfiltration risks
  • Credential/secret exposure
  • Jailbreak attempts
3

Quality Grading

Skills receive a quality grade (A-F) based on:

  • Instruction clarity and completeness
  • Token efficiency (information density)
  • Structure and organization
  • Error handling guidance

Safety Score

Each skill receives a safety score from 0-100. Higher is safer.

80-100
Safe

Minimal risk, suitable for public catalog

50-79
Caution

Some concerns, requires manual review

0-49
Unsafe

Significant risks, cannot be published

Thresholds by Catalog

  • Organization Private Catalog50+ required
  • SkillMill Public Catalog80+ required

Quality Grades

A
Excellent

Clear, complete, well-structured. Auto-approved for public catalog.

B
Good

Solid skill with minor improvements possible. Manual review for public.

C
Acceptable

Functional but could be improved. OK for org catalogs.

D
Poor

Significant issues. Needs revision before publication.

F
Failing

Does not meet minimum standards. Cannot be published.

Review & Approval

Organization Catalog Review

  1. 1.Automated validation runs (spec, safety, quality)
  2. 2.Org admin receives notification of pending request
  3. 3.Admin reviews validation results and skill content
  4. 4.Admin approves, requests changes, or rejects

Public Catalog Review

  1. 1.Automated validation with stricter thresholds
  2. 2.Auto-approve if: Grade A + Safety 80+ + Verified Publisher
  3. 3.Manual review if: Grade B-C or new publisher
  4. 4.Auto-reject if: Grade D-F or Safety below 50

Certification

Approved skills receive a certification that proves they passed validation.

No Expiration

Certifications don't expire. A certified version stays certified forever.

Version-Specific

Each version is certified separately. New versions require re-validation.

Revocation

SkillMill can revoke certification if issues are discovered after publication:

Security Vulnerability

Skill found to be malicious or exploitable

Policy Violation

Skill violates terms of service

Quality Degradation

External dependencies break the skill

Author Request

Author requests removal from catalog

Revoked skills are removed from the active catalog. Existing installations continue to work but won't receive updates.

Skill BuilderAPI Reference
UNKNOWN ENV