Skyrim Sentinel


Supply Chain Security for SKSE Plugins

TL;DR: Know exactly what's in your load order. Sentinel verifies SKSE plugin hashes against a community-curated database of official releases. 🟢 Verified | 🟡 Unknown. Portable, offline-capable, open source.


What is this?

Know your DLLs. Every SKSE plugin in your load order is a compiled binary you're trusting to run on your machine. Sentinel gives you visibility into that trust.

It scans your mods folder, generates SHA-256 hashes, and checks them against a community-curated database of official releases. Think of it as a provenance checker—answering: "Is this the exact file the author published?"

Other modding communities (Minecraft, Factorio) have dealt with supply-chain compromises. This tool exists so Skyrim modders don't have to learn that lesson the hard way.


🟡 Most Plugins Will Show as "Unknown" — That's Expected

Unknown does NOT mean unsafe. It simply means the plugin isn't in our database yet.

Sentinel currently covers ~100 popular SKSE plugins (Engine Fixes, RaceMenu, po3 Tweaks, etc.). Adult-specific plugins from LL are underrepresented—we're building that coverage with your help.

This is a community project. The database grows as people contribute verified hashes.


  • Scan your MO2/Vortex mods folder
  • Verify against 100+ curated plugins
  • 🟢 Verified | 🟡 Unknown
  • Click to copy hashes, export unknowns for submission
  • Works offline with cached database


Download

⬇️ Download SkyrimSentinel.exe (v0.1.0-beta)

Just download and run — no Python or installation needed.


📖 How to Use

  1. Download and run SkyrimSentinel.exe
  2. Click Browse and select your mods folder
  3. Click Scan
  4. Review results — green means verified!

🤝 Help Build the Trust Registry

See unknown plugins? You can fix that.

  1. Click Export Unknown after scanning
  2. Add the mod name + Nexus/LL link to the JSON
  3. Drop it in this thread or open a GitHub PR

Every submission helps the next person. We're building the definitive integrity database for SKSE plugins—together.


⚠️ Antivirus False Positives

Some AV tools may flag SkyrimSentinel.exe. This is a false positive—extremely common with Python apps packaged as .exe files.

PyInstaller bundles Python into a single executable, which looks "packed" to heuristic scanners. This is a well-documented issue affecting thousands of legitimate apps. See also: StackOverflow discussion.

The code is 100% open source—review it yourself, or run from source.

VirusTotal Analysis: View Full Report


Roadmap

  • More LL-specific plugins (SexLab, OStim, DD, etc.)
  • 🔴 Revoked status for known-bad hashes
  • Migration to Nuitka (fewer AV false positives)
  • Auto-update for database
  • Direct hash submission from the app


Requirements

  • Windows 10/11
  • That's it.

Source Code

Fully open source: GitHub Repository


About Me

I started modding Skyrim in 2017—struggling to run Dual Sheath Redux on a low-end rig. Since then I've moved into Cybersecurity and Software Engineering (currently in university).

I built Sentinel because I love this community and want to see it stay resilient. Other ecosystems have learned hard lessons about supply-chain security. My goal is to give Skyrim modders the tools to stay ahead—without adding friction to the chaos that makes this place great.

Discord: Lullavy | GitHub: Lullacy


Looking for Collaborators

I'd appreciate suggestions and collaborators to help with:

  • Threat modeling for Sentinel — identifying attack vectors and edge cases
  • Algorithm development & optimization for traversing/walking the folder structure on the client side

If you have experience in security research or performance optimization, I'd love to hear from you!


A Note on Development

I used GitHub Copilot as a development aid. All AI-generated code was reviewed and verified before inclusion. The architecture and security model are my own.


Questions? Feedback? Hashes to submit? Post below! 👇

Edited by Somnacyl
Formatted post again
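
The scan-and-verify flow described in the post above (walk the mods folder, SHA-256 every DLL, look the hash up in a registry, export the unknowns), as an added example that is not part of the original post and not Sentinel's own code. The registry layout, the export fields and the file names are assumptions constructed for the demo.

```python
import hashlib
import json
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Stream the file so large DLLs are never read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def scan_mods(mods_dir, registry):
    """Return one record per DLL: verified if its hash is registered, else unknown."""
    results = []
    for path in sorted(Path(mods_dir).rglob("*")):
        if not path.is_file() or path.suffix.lower() != ".dll":
            continue
        digest = sha256_file(path)
        entry = registry.get(digest)  # lookup is by content hash, never by file name
        results.append({"file": path.relative_to(mods_dir).as_posix(), "sha256": digest,
                        "status": "verified" if entry else "unknown",
                        "mod": entry["mod"] if entry else None})
    return results

def export_unknown(results):
    """JSON for submission; mod name and link are left blank for the user to fill in."""
    unknown = [{"file": r["file"], "sha256": r["sha256"], "mod": "", "url": ""}
               for r in results if r["status"] == "unknown"]
    return json.dumps(unknown, indent=2)

def demo():
    """Constructed mods folder: two DLLs with the same name, only one registered."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        good = root / "ModA" / "SKSE" / "Plugins" / "ExampleFix.dll"
        odd = root / "ModB" / "SKSE" / "Plugins" / "ExampleFix.DLL"
        for p, data in ((good, b"official build"), (odd, b"repacked build")):
            p.parent.mkdir(parents=True)
            p.write_bytes(data)
        # Assumed registry schema (hash -> metadata); the real database format is not on this page.
        registry = {hashlib.sha256(b"official build").hexdigest(): {"mod": "Example Fix (constructed)"}}
        results = scan_mods(root, registry)
        return results, export_unknown(results)

if __name__ == "__main__":
    print(demo()[1])
```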
