Quarantine System
When Skillsmith detects potential security issues in a skill, it places the skill in quarantine to protect your environment. This page explains how the quarantine system works and what to do if you encounter a quarantined skill.
What is Quarantine?
Quarantine is a protective system that isolates skills with potential security issues. When a skill is quarantined, it cannot be installed until it has been reviewed or the issues have been resolved.
The quarantine system exists to protect you from:
- Malicious code that could harm your system
- Prompt injection attacks that could manipulate Claude
- Skills that access sensitive files without authorization
- Low-quality skills that may cause unexpected behavior
Quarantine Severity Levels
Quarantined skills are assigned one of four severity levels, each with different implications:
Permanent quarantine — security threat detected
- Cannot be installed under any circumstances
- Requires security team review
- Author may be banned from the registry
Example: Skill contains jailbreak patterns or known malicious code
Manual review required before import allowed
- Installation blocked until review completes
- Security team evaluates within 24-48 hours
- May be approved, rejected, or downgraded
Example: Skill accesses sensitive files without clear justification
Can import with warnings displayed
- Installation allowed with explicit confirmation
- Warning message explains detected risks
- User assumes responsibility
Example: Skill references external URLs not on the allowlist
Can import with reduced quality score
- Installation allowed normally
- Quality score is reduced in search results
- May indicate incomplete or outdated skill
Example: Skill missing required metadata or documentation
What Triggers Quarantine
Skills can be quarantined for several reasons:
| Trigger | Typical Severity | Description |
|---|---|---|
| Failed security scan | SUSPICIOUS or MALICIOUS | Security scan detected critical or high-severity patterns |
| User reports | SUSPICIOUS | Multiple users reported suspicious behavior |
| Blocklist match | MALICIOUS | Skill matches known malicious patterns or authors |
| Anomaly detection | SUSPICIOUS | Sudden behavior change in previously trusted skill |
| Missing metadata | LOW_QUALITY | Required fields missing from SKILL.md |
User Experience
When Installing a Quarantined Skill
If you try to install a quarantined skill, you'll see different messages depending on severity:
MALICIOUS Skills
Error: This skill has been quarantined for security reasons and cannot be installed.
Reason: Security threat detected - jailbreak patterns found
For more information, visit skillsmith.app/docs/quarantineSUSPICIOUS Skills
Warning: This skill is under review and cannot be installed yet.
Reason: Accesses sensitive file patterns
Review status: Pending (estimated 24-48 hours)
You will be notified when the review is complete.RISKY Skills
Warning: This skill has been flagged for the following risks:
- References external domain: api.example.com
- Contains high-entropy content (possible obfuscation)
Do you want to proceed with installation? (y/N)Checking Quarantine Status
You can check if a skill is quarantined before installing:
# Using the CLI
skillsmith info <skill-id>
# Response includes quarantine status
{
"id": "community/suspicious-skill",
"quarantineStatus": {
"quarantined": true,
"severity": "SUSPICIOUS",
"reason": "Accesses sensitive file patterns",
"reviewStatus": "pending"
}
}For Skill Authors
Checking If Your Skill Is Quarantined
Authors can check their skill's quarantine status:
skillsmith info <your-skill-id>
# Or via the MCP server
"Check the status of my-skill-name"Resolution Process
If your skill is quarantined, follow these steps to resolve it:
- Review the findings: Check the quarantine reason to understand what triggered it
- Fix the issues: Update your skill to address the security concerns
- Remove or justify external URL references
- Avoid accessing sensitive file patterns
- Remove any code that could be misinterpreted as malicious
- Push updates: Commit your changes to the skill repository
- Request re-scan: The skill will be automatically re-scanned on the next index cycle (typically within 24 hours)
- Wait for review: For SUSPICIOUS or MALICIOUS severity, manual review is required even after fixes
Appeal Process
If you believe your skill was incorrectly quarantined (false positive):
- Document your case: Explain why the flagged patterns are legitimate and necessary
- Open an issue: Create an issue at
GitHub
with label
quarantine-appeal - Include evidence: Provide the skill ID, quarantine reason, and your justification
- Await response: Appeals are typically reviewed within 2-5 business days
Review Timeline
| Severity | Initial Triage | Full Review | Appeal Resolution |
|---|---|---|---|
| MALICIOUS | 24 hours | 3-5 days | 5-10 days |
| SUSPICIOUS | 24-48 hours | 2-5 days | 3-7 days |
| RISKY | Automatic | N/A | 1-3 days |
| LOW_QUALITY | Automatic | N/A | 1-2 days |
Preventing Quarantine
To avoid having your skill quarantined:
- Follow the security best practices for authors
- Run
skillsmith validatelocally before publishing - Avoid external URLs unless absolutely necessary
- Never access sensitive files (.env, credentials, keys)
- Include complete metadata in your SKILL.md
- Submit for verification to get the Verified badge
Related Documentation
- Security Model - What we scan for and why
- Trust Tiers - How verification affects trust
- CLI Reference - Using the validate command