Security Audit

marketing-psychology

github.com/coreyhaines31/marketingskills

AI SkillCommit a04cb61a577a

TRUSTED

Scanned 4 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

marketing-psychology received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.

SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill attempts to manipulate host LLM to read local file.

The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 16, 2026 (commit a04cb61a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

93%

Behavioral Risk Signals

Filesystem Write

1 finding

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
MEDIUM	Skill attempts to manipulate host LLM to read local file The skill's `SKILL.md` contains an explicit instruction for the host LLM to read the file `.claude/product-marketing-context.md` from the local filesystem. This constitutes a prompt injection attempt, as the skill's content is manipulating the host LLM to perform a filesystem operation. While the file path is fixed and likely intended for internal context within the skill's own package, this instruction demonstrates the skill's capability to access local files, granting it excessive permissions. This could be abused if the path were dynamic or if the skill were to be modified to read sensitive files outside its intended scope. Avoid embedding direct filesystem read instructions within the skill's primary markdown content. If internal context is required, use a dedicated, sandboxed mechanism provided by the platform for skill-internal data loading, or embed the context directly into the skill's prompt if feasible. Ensure the host environment strictly sandboxes file access, limiting the skill to only read files within its designated package directory.	Unknown	SKILL.md:10

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/015d8cfb3a091a4c.svg)](https://skillshield.io/report/015d8cfb3a091a4c)