NVIDIA's Verified Agent Skills framework secures enterprise AI agents with scanning and signing
New framework uses SkillSpector scanning, cryptographic signatures, and skill cards for AI agent trust.
NVIDIA has announced NVIDIA-Verified Agent Skills, a new framework designed to bring trust, security, and transparency to enterprise AI agent deployment. The framework targets agent skills—portable instruction sets that guide AI systems in using CUDA-X libraries, AI Blueprints, and other NVIDIA platform tools. These skills are cataloged in the NVIDIA/skills GitHub repository, where each undergoes a multi-stage publication pipeline. A product team manages the source repository, then the skill moves through human review, automated policy enforcement, scanning, evaluation, skill card generation, cryptographic signing, and synchronization into the public repo. The goal is to extend trust beyond runtime controls (like NeMo Guardrails) by governing which capabilities are allowed into an agent's workflow in the first place.
The verification process includes SkillSpector, a scanning tool that checks for conventional software risks—vulnerable dependencies, suspicious scripts, dangerous code patterns, credential exposure, and data exfiltration paths—as well as agent-specific threats like hidden instructions, prompt injection, tool poisoning, and permissions that exceed the skill's stated purpose. Each verified skill is paired with a cryptographic signature covering the skill directory's contents, so a consumer can confirm after download that the files are exactly what NVIDIA published. Two caveats apply, as with any signed artifact: the check is only as strong as the trust in the public key used to verify it, which must be obtained from a source other than the download itself, and a valid signature attests to integrity and origin, not to the skill being safe to run; that judgment rests on the scan and review stages. Additionally, a machine-readable skill card records ownership, licensing, dependencies, technical limitations, known risks, and verification status. NVIDIA plans to add evaluation as an extra layer, introducing standardized quality measures such as trigger accuracy, task completion rate, and token efficiency against a common benchmark harness. This approach aims to give enterprises verifiable integrity for every skill integrated into their AI agents.
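As an added illustration (this is not code from NVIDIA or the NVIDIA/skills repository, and the announcement does not say which algorithm or manifest format NVIDIA uses), the following Go program shows one way a signature "covering the skill directory's contents" can be built and checked. It canonicalizes the directory into a sorted manifest of relative path and SHA-256 pairs, signs that manifest with Ed25519, and verifies a downloaded copy by recomputing the manifest. The manifest layout, the key handling, and the sample skill files are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"sort"
	"strings"
)

// Assumed manifest format: one line per regular file, "<sha256-hex>  <path>",
// paths relative to the skill root with forward slashes, sorted by path.
// Signing the manifest rather than an archive covers every file's name and
// bytes but not timestamps or directory order, so a git checkout and a zip
// download of the same skill verify identically.
type fileEntry struct{ path, sum string }

// BuildManifest walks root and returns the canonical manifest text.
// Symlinks are rejected: ReadFile would follow them, so a link pointing
// outside the skill directory could pull foreign content under the signature.
func BuildManifest(root string) (string, error) {
	var entries []fileEntry
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, walkErr error) error {
		if walkErr != nil {
			return walkErr
		}
		if d.IsDir() {
			return nil
		}
		if d.Type()&fs.ModeSymlink != 0 {
			return fmt.Errorf("symlink not allowed in skill directory: %s", p)
		}
		data, err := os.ReadFile(p)
		if err != nil {
			return err
		}
		rel, err := filepath.Rel(root, p)
		if err != nil {
			return err
		}
		sum := sha256.Sum256(data)
		entries = append(entries, fileEntry{filepath.ToSlash(rel), hex.EncodeToString(sum[:])})
		return nil
	})
	if err != nil {
		return "", err
	}
	sort.Slice(entries, func(i, j int) bool { return entries[i].path < entries[j].path })
	var b strings.Builder
	for _, e := range entries {
		fmt.Fprintf(&b, "%s  %s\n", e.sum, e.path)
	}
	return b.String(), nil
}

// SignSkill produces a detached Ed25519 signature over the manifest.
func SignSkill(root string, priv ed25519.PrivateKey) ([]byte, error) {
	m, err := BuildManifest(root)
	if err != nil {
		return nil, err
	}
	return ed25519.Sign(priv, []byte(m)), nil
}

// VerifySkill recomputes the manifest from the downloaded directory and checks
// the detached signature against a publisher key obtained out of band.
func VerifySkill(root string, pub ed25519.PublicKey, sig []byte) (bool, error) {
	m, err := BuildManifest(root)
	if err != nil {
		return false, err
	}
	return ed25519.Verify(pub, []byte(m), sig), nil
}

// WriteDemoSkill creates a small constructed skill directory under root
// (file names and contents are made up for this example).
func WriteDemoSkill(root string) error {
	files := map[string]string{"SKILL.md": "hello", "scripts/run.py": "print('skill')\n", "assets/a.txt": ""}
	for name, body := range files {
		p := filepath.Join(root, filepath.FromSlash(name))
		if err := os.MkdirAll(filepath.Dir(p), 0o755); err != nil {
			return err
		}
		if err := os.WriteFile(p, []byte(body), 0o644); err != nil {
			return err
		}
	}
	return nil
}

func main() {
	dir, _ := os.MkdirTemp("", "skill-demo")
	defer os.RemoveAll(dir)
	if err := WriteDemoSkill(dir); err != nil {
		panic(err)
	}
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // publisher key pair; pub would ship with the catalog
	sig, _ := SignSkill(dir, priv)
	ok, _ := VerifySkill(dir, pub, sig)
	fmt.Println("fresh download verifies:", ok)
	// Modify one file after signing and keep the old signature: verification must fail.
	os.WriteFile(filepath.Join(dir, "scripts", "run.py"), []byte("# modified after signing\n"), 0o644)
	ok, _ = VerifySkill(dir, pub, sig)
	fmt.Println("tampered copy verifies:", ok)
}
```

Because every file's path is part of the manifest, adding, removing, or renaming a file breaks the signature just as editing one does; a scheme that hashed file contents alone would let an attacker drop in an extra script. The sorted, slash-normalized path list is what makes the digest stable across operating systems and checkout tools.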
- SkillSpector scans for conventional risks (vulnerable dependencies, credential exposure) and agent-specific threats (hidden instructions, prompt injection, tool poisoning).
- Each verified skill is cryptographically signed, allowing enterprises to confirm authenticity and integrity after download.
- Skill cards provide machine-readable metadata on ownership, dependencies, limitations, risks, and verification status for transparent governance.
Why It Matters
Enables enterprises to deploy AI agents with scanned, signed, tamper-evident skills, reducing security risk and governance overhead.