SkCC: Portable and Secure Skill Compilation for Cross-Framework LLM Agents
Summary
SkCC is a compilation framework that uses a strongly-typed intermediate representation to enable portable deployment of agent skills across different frameworks while enforcing security, significantly improving performance and reducing maintenance.
View Cached Full Text
Cached at: 05/11/26, 02:53 PM
Paper page - SkCC: Portable and Secure Skill Compilation for Cross-Framework LLM Agents
Source: https://huggingface.co/papers/2605.03353
Abstract
SkCC is a compilation framework that uses a strongly-typed intermediate representation to enable portable deployment of agent skills across different platforms while ensuring security and improving performance.
LLM-Agentshave evolved into autonomous systems for complex task execution, with theSKILL.mdspecification emerging as a de facto standard for encapsulating agent capabilities. However, a critical bottleneck remains: differentagent frameworksexhibit starkly different sensitivities toprompt formatting, causing up to 40% performance variation, yet nearly all skills exist as a single, format-agnostic Markdown version. Manual per-platform rewriting creates an unsustainable maintenance burden, while prior audits have found that over one third of community skills containsecurity vulnerabilities. To address this, we presentSkCC, a compilation framework that introduces classical compiler design into agent skill development. At its core,SkIR- a strongly-typedintermediate representation- decouples skill semantics from platform-specific formatting, enabling portable deployment across heterogeneousagent frameworks. Around this IR, acompile-time Analyzerenforces security constraints viaAnti-Skill Injectionbefore deployment. Through a four-phase pipeline,SkCCreduces adaptation complexity from O(m times n) to O(m + n). Experiments onSkillsBenchdemonstrate that compiled skills consistently outperform their original counterparts, improving pass rates from 21.1% to 33.3% on Claude Code and from 35.1% to 48.7% on Kimi CLI, while achieving sub-10ms compilation latency, a 94.8% proactive security trigger rate, and 10-46%runtime token savingsacross platforms.
View arXiv pageView PDFProject pageGitHub4Add to collection
Get this paper in your agent:
hf papers read 2605\.03353
Don’t have the latest CLI?curl \-LsSf https://hf\.co/cli/install\.sh \| bash
Models citing this paper0
No model linking this paper
Cite arxiv.org/abs/2605.03353 in a model README.md to link it from this page.
Datasets citing this paper0
No dataset linking this paper
Cite arxiv.org/abs/2605.03353 in a dataset README.md to link it from this page.
Spaces citing this paper0
No Space linking this paper
Cite arxiv.org/abs/2605.03353 in a Space README.md to link it from this page.
Collections including this paper1
Similar Articles
SkillSmith: Compiling Agent Skills into Boundary-Guided Runtime Interfaces
SkillSmith is a boundary-first compiler-runtime framework that extracts fine-grained operational boundaries from LLM agent skills, enabling agents to dynamically access only relevant components, reducing solve-stage token usage by 57.44% and thinking iterations by 42.99% on the SkillsBench benchmark.
Formal Skill: Programmable Runtime Skills for Efficient and Accurate LLM Agents
This paper introduces Formal Skill, a runtime-native abstraction for LLM agents that encodes reusable procedures as executable state machines with JSON metadata, Python executors, and hook-governed control logic. An open-source implementation called FairyClaw is presented, showing competitive performance on Harness-Bench with reduced token usage.
skillhub - compose package manager for AI agent skills (Claude Code, Cursor, Codex)
skillhub is a package manager for AI agent skills, compatible with Claude Code, Cursor, and Codex.
Security for your OpenClaw agent skill before they run
SecureSkill is a tool that performs 10-layer security analysis on OpenClaw agent skills before execution, detecting threats like credential harvesting, outbound calls, and shell scripts. It produces a signed audit report mapped to OWASP, MITRE, NIST, and EU AI Act standards.
SkillCAT: Contrastive Assessment and Topology-Aware Skill Self-Evolution for LLM Agents
SkillCAT is a training-free framework for LLM agent skill self-evolution that addresses limitations of single-trace bias, unverified merging, and full corpus loading via three stages: Contrastive Causal Extraction, Assessment-Augmented Evolution, and Topology-Aware Task Execution, achieving up to 40.40% improvement on benchmarks.