Certik's skill scanner scores third-party AI skills from 0 to 100 with 90.5% precision. Finchip.ai is the first confirmed adopter. The tool targets unvetted supply chain risks in agent marketplaces.
Alpha Score of 77 reflects strong overall profile with strong momentum, moderate value, strong quality, moderate sentiment.
Certik on May 27 unveiled a security platform it calls an “anti-virus for AI agents,” designed to evaluate risks in third-party AI skill marketplaces. The blockchain and AI security firm says its skill scanner produces a numerical score from 0 to 100 alongside “pass,” “warn” or “fail” verdicts and categorized findings. Certik reports the system achieves up to 90.5% precision in identifying security risks.
Security researchers have warned that many skills on these marketplaces are unvetted, can execute system-level actions, and may contain hidden malicious behavior. The risks include:
Certik’s CEO and co-founder Ronghui Gu described the problem: “As AI agents become more deeply integrated into financial systems, enterprise workflows and everyday digital interactions, the security model around third-party skills becomes critically important.” The scanner, Gu said, “was built to establish a standardized trust layer before execution, helping users and platforms identify hidden risks before sensitive data, assets or systems are exposed.”
The launch follows Certik’s earlier AI Auditor initiative, which targeted risks tied to autonomous systems and AI-driven execution environments. The company is now expanding into the specific risk of skills – essentially plug-ins or modules that extend an AI agent’s capabilities.
Unlike traditional app stores, where Apple and Google enforce review processes, most AI skill marketplaces source skills from public repositories with little or no review. This creates a new software supply chain risk for the AI era. Attackers can embed harmful instructions, trigger unauthorized data access, or manipulate autonomous execution flows.
The problem is amplified as agent ecosystems mature. Platforms such as OpenAI’s ChatGPT plugin store, LangChain’s tools, and various Web3 agent frameworks all rely on third-party skills to extend functionality. Certik’s announcement targets that exact vulnerability: the absence of a standardized trust layer before execution.
Certik said the scanner can be integrated directly into publishing pipelines, automatically reviewing skills before they go live and displaying security verdicts to users. Enterprises can deploy it as part of internal compliance workflows, while independent developers can self-audit skills before publishing. Future updates will allow everyday users to scan skills themselves before installation.
The platform is already deployed in select Web3 AI agent infrastructure environments. The company is expanding integrations with additional platforms, including Finchip.ai.
The source names Finchip.ai as a confirmed partner using the scanner. Finchip focuses on programmable skill ownership and distribution – exactly the kind of marketplace that would benefit from a trust layer. Gary Yang’s endorsement signals that at least one platform sees the scanner as essential infrastructure.
Beyond Finchip, Certik is targeting Web3 AI agent infrastructure environments. This includes agents built on blockchain networks that require trustless verification. The integration of Web3 with AI creates a heightened risk because agents can autonomously execute financial transactions on-chain. A compromised skill could directly drain wallets or manipulate smart contracts.
Practical rule: when an AI agent can move value, security at the skill layer becomes a liquidity risk equivalent to a smart contract exploit. Certik’s scanner introduces a gate that can flag skills capable of fund transfers before they ever interact with an agent.
The read-through extends beyond Certik’s immediate partners. Any platform that hosts or allows third-party AI skills faces the same unvetted supply chain risk:
The risk is not hypothetical. Security audits across the sector have found malicious skills that harvest credentials, exfiltrate data, and manipulate transfers. Certik’s 90.5% precision number gives a benchmark: the remaining 9.5% false negative risk means no scanner catches everything, the improvement over zero review is material.
As consumer and enterprise adoption of AI agents accelerates, the skill marketplace security gap will attract regulatory attention. In the UK, the European Union’s AI Act already requires risk assessments for high-risk systems. A skill marketplace that processes financial data could fall under that definition. Certik’s scanner provides a compliance-adjacent solution.
Confirmation signals: A high-profile exploit on a major skill marketplace – a skill that drains tokens or exfiltrates corporate data – would validate Certik’s premise and accelerate enterprise adoption. Additional platform integrations beyond Finchip, especially with OpenAI or LangChain, would signal marketplace-wide acceptance.
Risk to watch: If platforms themselves tighten vetting standards internally, the need for a third-party scanner could shrink. Alternatively, if Certik’s false negative rate proves higher than advertised in real-world deployments, trust could erode. The scanner’s precision of 90.5% is a strong baseline, not a perfect one.
Execution risk: Certik must scale its scanner as skill volumes grow. A single enterprise could deploy thousands of skills daily. Latency, cost, and accuracy trade-offs will matter. The company’s earlier expansion into AI Auditor and its history in blockchain security give it credibility, AI skill scanning is a new domain.
Bottom line for traders: the AI security infrastructure sector is nascent, and Certik’s announcement positions it as an early standard-setter. The direct beneficiaries are any platform that can use the scanner as a trust differentiator. Finchip.ai stands out as the first confirmed adopter. Broader ecosystem growth depends on how quickly skill marketplaces recognize the supply chain risk – and whether buyers start demanding security ratings before installing an agent skill.
Also related: recent reporting on 7.6 million European users downloading unlicensed crypto exchanges shows how unvetted software cascades into systemic risk. AI skill marketplaces face the same dynamic, with higher stakes because skills execute autonomously. Certik's launch is the first dedicated attempt to contain that risk at the skill layer.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.