Trust Assessment
ab-test-setup received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Data Exfiltration via File Read.
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, dependency_graph, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 16, 2026 (commit a04cb61a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Data Exfiltration via File Read The skill explicitly instructs the LLM to read the file `.claude/product-marketing-context.md`. This file, by its name, suggests it may contain sensitive internal product marketing context. Reading such a file could lead to the exfiltration of confidential information from the host environment if the file contains proprietary or sensitive data not intended for external access or processing by the skill. Avoid instructing the LLM to read files from arbitrary or system-specific paths like `.claude/`. If context is needed, it should be provided explicitly as part of the skill's input or through secure, sandboxed mechanisms. Ensure that any files accessible by the LLM do not contain sensitive information. | Unknown | SKILL.md:9 |
Scan History
Embed Code
[](https://skillshield.io/report/4383341b026ddc4e)
Powered by SkillShield