NVIDIA has launched a formal verification pipeline for its AI agent skills, introducing cryptographic signing, automated security scanning, and machine-readable trust metadata called skill cards. The framework, announced May 19, 2026, applies to NVIDIA skills hosted on GitHub that plug into popular AI coding agents including Claude Code, Codex, and Cursor.

What Happened

NVIDIA's new Verified Agent Skills pipeline runs every skill through a multi-step process before it reaches the public catalog. Each skill is scanned by SkillSpector, an automated tool that checks for vulnerable dependencies, dangerous code patterns, credential-access risks, and agent-specific threats like prompt injection and trigger abuse. The scanning framework aligns with OWASP LLM Top 10 and MITRE ATLAS standards. After passing review, each skill receives a cryptographic signature so you can verify its integrity after download.

Why It Matters

As creative professionals add more agent skills to their workflows, the attack surface grows. Earlier this month, a malicious npm package hijacked Claude Code sessions by injecting instructions through a trusted-looking dependency. NVIDIA's approach treats provenance as verifiable rather than assumed. The skills are also built on the open agentskills.io specification, meaning verified skills work portably across any agent that supports the standard, not just NVIDIA tooling.

Key Details

  • SkillSpector scans for software vulnerabilities plus agent-specific risks: hidden instructions, mismatches between declared and actual behavior, and credential access paths.
  • Skill cards are machine-readable JSON documents attached to each skill listing its functionality, authorship, license, known risks, and verification status.
  • Cryptographic signing uses detached signatures (skill.oms.sig) that let you run an offline verification command before executing any skill.
  • Runtime governance is handled by NemoClaw for sandboxed execution, with NeMo Guardrails enforcing policy at runtime.
  • The full skills catalog syncs daily from NVIDIA product teams at docs.nvidia.com/skills.

Creator Outcome: How to Verify Skills in Your Workflow

If you use Claude Code, Codex, or Cursor with NVIDIA agent skills, you can now audit any skill before adding it to a project. Browse the catalog at github.com/NVIDIA/skills/, open the skill card JSON to review its declared purpose and known risks, then run the verification command against the downloaded skill directory:

model_signing verify certificate SKILL_DIR \
    --signature SKILL_DIR/skill.oms.sig \
    --certificate-chain nv-agent-root-cert.pem

This is the same pattern that security-conscious teams already use for container image signing. If the verification fails, the skill has been modified since NVIDIA published it and should not be trusted. For teams already using NVIDIA's CUDA-X libraries in generative pipelines, verified skills provide a structured way to extend agents without introducing unreviewed code paths.

What to Do Next

Review the SkillSpector scanning documentation to understand what the scans catch and their known limitations. If your workflow involves API keys or credentials passed through agent tools, now is also a good time to check for leaks using tools like Sieve, which scans Claude and Cursor history for exposed secrets.