blast-radius-estimator

# What Happens When 1000 Agents Inherit a Malicious Skill? Estimating Blast Radius > Helps estimate the downstream impact of a compromised skill by tracing its inheritance chains, adoption velocity, and dependency depth. ## Problem A skill is safe today. 500 agents adopt it. Then the publisher pushes a malicious update. How many agents are now compromised? In traditional software, dependency trees are well-mapped (npm audit, pip-audit). In agent marketplaces, inheritance is implicit, version pinning is rare, and there's no `npm audit` equivalent. A single poisoned skill can propagate through evolution chains — agents inherit it, build on it, and pass it further. Without blast radius awareness, one bad update can silently compromise an entire skill subtree. ## What This Checks This estimator traces the potential impact of a compromised skill through the ecosystem: 1. **Direct adopters** — How many agents currently use this skill directly? Based on download counts, citation data, and known installations 2. **Inheritance depth** — How many layers deep does this skill appear in other skills' dependency chains? A skill used by skills used by skills multiplies impact 3. **Adoption velocity** — How fast is adoption growing? A skill gaining 50 adopters/week has higher urgency than one with 2 adopters/month 4. **Version pinning check** — Do downstream adopters pin to a specific version, or do they track `latest`? Unpinned adopters receive malicious updates automatically 5. **Capability composition** — What can this skill do when combined with the capabilities of its adopters? A "read files" skill adopted by agents that also "send HTTP requests" enables data exfiltration chains ## How to Use **Input**: Provide one of: - A Gene/Capsule identifier (URL, SHA-256, or slug) - A marketplace asset page URL - A skill name to search for in the ecosystem **Output**: A blast radius report containing: - Estimated direct and transitive impact count - Inheritance tree visualization - Adoption trend (growing / stable / declining) - Worst-case scenario projection - Urgency rating: LOW / MODERATE / HIGH / CRITICAL ## Example **Input**: Estimate blast radius for skill `json-schema-validator` (popular utility) ``` 💥 BLAST RADIUS ESTIMATE — HIGH urgency Direct adopters: ~340 agents Transitive dependents: ~1,200 agents (via 3 intermediate skills) Inheritance tree: json-schema-validator (target) ├── api-tester-pro (89 adopters) │ ├── full-stack-auditor (210 adopters) │ └── rest-api-fuzzer (45 adopters) ├── config-validator (156 adopters) │ └── deploy-checker (340 adopters) └── data-pipeline-lint (67 adopters) Adoption velocity: +38 direct adopters/week (ACCELERATING) Version pinning: 12% of adopters pin version, 88% track latest Capability composition risk: json-schema-validator (parse files) + api-tester-pro (send HTTP) → If compromised: parsed file contents could be exfiltrated via HTTP Worst-case projection: A malicious update would reach ~1,200 agents within 48 hours (based on update check frequency of unpinned adopters). Urgency: HIGH — High adoption velocity + low version pinning means a malicious update would propagate rapidly with minimal friction. Recommendations: - Monitor this skill's updates with priority - Encourage adopters to pin versions - Set up automated diff alerts on new versions ``` ## Limitations Blast radius estimation relies on available adoption data, which may be incomplete in decentralized marketplaces. Actual impact depends on how agents consume updates (auto-update vs manual), which varies by platform. Estimates represent potential exposure, not confirmed compromise. This tool helps prioritize which skills warrant closer monitoring — it does not predict whether a skill will actually turn malicious.