Security and privacy

Last updated: 29 June 2026

AgentPod is a curated marketplace of ready-to-use skills for ChatGPT and Claude. Before any skill is listed, a person and our automated checks review it. This page explains exactly what that review covers, what we label about each skill, what we deliberately do not claim, and how we look after the only piece of personal data we collect: your email address.

What "scanned by AgentPod" means

Every skill goes through a review before it appears in the catalog. This is a combination of a human reading the skill and automated checks, not a one-click pass. We treat a skill as untrusted text until we have read it end to end.

The review looks at what the skill actually does, what data and tools it asks to touch, and whether anything in its instructions is trying to do something other than the job it claims to do. We pay particular attention to a few recurring risks. If something looks off, the skill does not get listed until it is fixed or it is rejected.

  • What it does: we confirm the skill's behavior matches its description, with no hidden side effects.
  • What it can access: we map every input, file, tool, and external destination the skill needs, and check that nothing is broader than the task requires.
  • Hidden instructions (prompt injection): text that secretly tries to make your AI ignore your wishes, pretend to be you, or follow orders buried inside content it reads.
  • Secretly sending your data out (data exfiltration): anything that quietly tries to send your information to an outside website, email, or service the skill has no reason to touch.
  • Asking for more than it needs: requests to change or send things, or to reach wide swathes of your data, when only reading a little would do.

Privacy is separate from security

A skill can be perfectly safe to run and still touch data you would rather keep private. Those are two different questions, so we keep them as two different signals.

Security is about whether a skill behaves correctly and does not do anything harmful or sneaky. Privacy is about what data the skill can see while it works. For each skill we label, in plain language, exactly what data it can touch, for example "reads text you paste in," "reads a file you provide," or "runs entirely on your device." You can see that label before you use the skill and decide for yourself. We do not bury data handling inside a security tick. It is its own clear signal.

The least access needed, nothing more

We prefer skills that ask for the least access needed to do their job. By default, a skill should only read what you give it or run on your device, and should only ask for more when the job genuinely cannot be done otherwise.

When a skill does need broader access, we expect that need to be obvious from what it does, and we label it so you are not surprised. Narrow, well-scoped skills are easier to review, easier to trust, and less likely to do something you did not intend. This is also why we favor curation over volume: a smaller set of carefully checked skills is more useful than a large pile of unchecked ones.

What we do not claim

Our review is a good-faith, best-effort process, not a guarantee. "Scanned by AgentPod" means a person and our checks looked at the skill and did not find a problem at the time of review. It does not mean the skill is certified, audited, or risk-free, and it cannot anticipate every way a skill might be misused or every change in the tools it runs against.

You should still use your own judgement. Read what a skill does and what data it can touch before you run it, especially with sensitive information, and only give an assistant access to things you are comfortable sharing. If you find something we missed, please tell us so we can fix it (see below).

How we keep your data safe

We collect as little as possible. The only personal data we ask for is your email address, submitted through the subscribe form. We use it to send new-skill alerts and launch news, and nothing else.

Your email is stored in our database (Supabase, Postgres) hosted in the EU, in the London (eu-west-2) region. When you subscribe, the system also silently creates a dormant, passwordless account tied to your email, so you can activate a real account later with no migration. You stay in control of your data and can ask us to remove it at any time.

The site is server-rendered and uses only strictly necessary cookies and local storage: a "your skills" list kept in your browser, and lightweight error reporting so we can fix bugs. We do not run advertising or third-party analytics trackers. Emails are sent through our email provider, which we will name once it is finalized. For the full picture of what we collect and why, see our Privacy Policy.

  • Data collected: your email address only.
  • Where it lives: EU hosting (London, eu-west-2).
  • Dormant account: created silently on subscribe, passwordless, activatable later.
  • Cookies and storage: strictly necessary only; no ad or analytics trackers.

Report a security concern

If you spot a skill that behaves unexpectedly, a possible prompt-injection or data-exfiltration attempt, or anything else that looks wrong, please contact us at hello@agentpod.com. Include the skill name and what you saw, and we will look into it and act quickly. Responsible reports are welcome and appreciated.
