Skill Registry Poisoning and Compromised Tool Distribution - ATR-2026-00096 (798e8788-54e6-56cb-8824-65a3a8a58c5f)
Detects supply chain attacks that target skill/tool registries and distribution channels. Attackers compromise legitimate tool packages, inject backdoors into published skills, or create typosquatting tool names to distribute poisoned tools that execute malicious actions when installed or invoked by agents.