BadSkill: Backdoor Attacks on Agent Skills via Model-in-Skill Poisoning
arXiv:2604.09378v1 Announce Type: cross
Abstract: Agent ecosystems increasingly rely on installable skills to extend functionality, and some skills bundle learned model artifacts as part of their execution logic. This creates a supply-chain risk that …