36% of community-shared skills for AI coding agents contain security flaws, according to a Snyk audit. Trend Micro has documented actual malware being distributed through skill marketplaces. And Anthropic's own safety page states plainly that their built-in filters "are not a security boundary."
That's the gap Shoofly is designed to fill. It's a pre-execution security layer that sits between AI coding agents (like Claude Code) and the system calls they want to make. Every tool call - shell commands, file writes, API requests - gets intercepted and checked before it actually runs.
How It Works
Shoofly hooks into the PreToolUse and PostToolUse events that agents fire before and after executing actions. Think of it as a firewall for your AI assistant's hands. Before a tool call goes through, Shoofly checks it against a set of security rules:
- Prompt injection detection - catches attempts by malicious content to hijack the agent's behavior
- Credential theft blocking - stops the agent from reading or exfiltrating API keys, tokens, and passwords from your environment
- Unauthorized write prevention - restricts which files and directories the agent can modify
- Malware scanning - inspects tool results for known malicious patterns before they get processed
This matters because AI coding agents aren't sandboxed the way most people assume. They have real shell access, can read and write files across your system, and often connect to services through your stored credentials. A compromised skill or a well-crafted prompt injection can turn all of that access against you.
Who Needs This
Anyone running AI coding agents on machines with access to production credentials, private repos, or sensitive data should pay attention. Solo developers might shrug off the risk, but teams using these tools in professional environments are sitting on a real attack surface.
The project is open source and available at shoofly.dev. Setup hooks into existing agent configurations without requiring changes to the agents themselves.
The broader point here is that the AI coding tool ecosystem has moved faster than its security story. Marketplaces full of community skills with no meaningful vetting process, agents with broad system access, and safety filters that the vendors themselves say aren't security boundaries - that combination needed a response. Shoofly is one of the first serious attempts at providing it.