Trust Assessment
email-sequence received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill instructs LLM to read local filesystem file.
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, static_code_analysis, dependency_graph. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 16, 2026 (commit a04cb61a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill instructs LLM to read local filesystem file The skill explicitly instructs the LLM to read the content of a local file (`.claude/product-marketing-context.md`). This grants the LLM access to the local filesystem, which could be an excessive permission if the file contains sensitive information or if the LLM's behavior could be manipulated to output its contents. While the file path is specific, direct filesystem access by an LLM should be carefully controlled. Ensure that `.claude/product-marketing-context.md` does not contain any sensitive information. Consider if direct filesystem access is strictly necessary for the skill's function, or if the required context could be provided through other, more controlled means (e.g., explicit user input, API calls to a secure data store). Implement safeguards to prevent the LLM from outputting the file's content. | Unknown | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/19154cba72e52bb8)
Powered by SkillShield