Blockchain and AI security firm Certik has launched a new platform designed to address the escalating security concerns within third-party AI skill marketplaces. Dubbed an “anti-virus for AI agents,” this system aims to establish a standardized trust layer by evaluating risks before execution, crucial for safeguarding financial systems and enterprise workflows.
Certik Unveils ‘Anti-Virus for AI Agents’
On May 27, Certik, a prominent blockchain and artificial intelligence security firm, introduced its groundbreaking security platform. Described as an “anti-virus for AI agents,” this system is specifically engineered to evaluate risks inherent in third-party artificial intelligence (AI) skills. The launch comes amidst growing industry concern over the security posture of these rapidly expanding AI skill marketplaces.
The Rising Threat of Unvetted AI Skills
The swift expansion of AI skill marketplaces has introduced a new category of software supply chain risk. Unlike traditional app stores, many AI skills are sourced from public repositories with little to no review. This creates significant opportunities for attackers to embed harmful instructions, trigger unauthorized data access, or manipulate autonomous execution flows.
- Credential harvesting
- Data exfiltration
- Fund-transfer manipulation
- Prompt-based override attacks
These vulnerabilities can have severe consequences, particularly as AI agents become more deeply integrated into critical systems.
Certik’s Proactive Solution: The Skill Scanner Platform
The Certik Skill Scanner platform is designed to proactively identify risks that emerge during the execution of AI skills. It is particularly effective in scenarios involving financial transactions or fund calls, where the stakes are exceptionally high.
The scanner system produces a numerical score ranging from 0 to 100, along with “pass,” “warn,” or “fail” verdicts and categorized findings. According to Certik, the system achieves up to 90.5% precision in identifying security risks.
“As AI agents become more deeply integrated into financial systems, enterprise workflows and everyday digital interactions, the security model around third-party skills becomes critically important,” said Ronghui Gu, Certik’s CEO and co-founder. “Certik Skill Scanner was built to establish a standardized trust layer before execution, helping users and platforms identify hidden risks before sensitive data, assets or systems are exposed.”
Integration and Future Outlook
The Skill Scanner platform can be seamlessly integrated into AI skill marketplaces’ publishing pipelines, allowing for automatic review of skills before they go live and displaying security verdicts to users. Enterprises can deploy the tool as part of internal compliance and risk-management workflows, while independent developers can use it to self-audit skills before publishing.
In future updates, Certik plans to enable everyday users to scan skills themselves before installation. The scanner has already been deployed in select Web3 AI agent infrastructure environments and is expanding integrations with additional platforms, including Finchip.ai.
“Trust is the prerequisite for any skill economy to function at scale,” noted Gary Yang, incubation investor at Finchip.ai. “Certik’s work on skill security verification is exactly what this ecosystem needs. It’s what makes Finchip’s mission of programmable skill ownership and distribution worth building.”
Certik’s Proactive Stance on AI Security
The launch of the Skill Scanner follows Certik‘s broader expansion into AI-focused security infrastructure. Earlier this year, the company introduced its AI Auditor initiative, aimed at addressing risks tied to autonomous systems and AI-driven execution environments.
“AI applications are moving toward increasingly autonomous execution, which creates a new category of security and trust challenges,” Gu said. “We believe security infrastructure for the AI era must function proactively, not reactively.”
Frequently Asked Questions (FAQ)
What is the Certik Skill Scanner?
The Certik Skill Scanner is a new security platform designed to evaluate risks in third-party AI skills and agent marketplaces, functioning as an “anti-virus for AI agents.”
What risks does it help mitigate?
It helps mitigate risks such as credential harvesting, data exfiltration, fund-transfer manipulation, and prompt-based override attacks that can be embedded in unvetted AI skills.
Who can use the Certik Skill Scanner?
AI skill marketplaces can integrate it into their publishing pipelines, enterprises can use it for compliance and risk management, and independent developers can self-audit their skills. Future updates will allow everyday users to scan skills themselves.
What is the scanner’s accuracy?
According to Certik, the system achieves up to 90.5% precision in identifying security risks.
