Trust Assessment
copywriting received a trust score of 98/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include File System Read Permission Granted.
The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 16, 2026 (commit a04cb61a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | File System Read Permission Granted The skill explicitly instructs the LLM to read a file from the local file system (`.claude/product-marketing-context.md`). While the path is fixed and relative, this grants the LLM file system read permissions. If the execution environment is not strictly sandboxed to prevent path traversal or access to sensitive directories, this capability could potentially be abused for data exfiltration. Ensure the LLM execution environment is strictly sandboxed, limiting file system access to only explicitly allowed and non-sensitive directories. If possible, avoid direct file system reads and instead provide necessary context via API or explicit input. If file reading is essential, validate and sanitize all paths rigorously, and restrict access to a dedicated, non-sensitive data directory. | Unknown | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/2e48a9e4f109b56e)
Powered by SkillShield