Trust Assessment
page-cro received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill instructs LLM to read local files.
The analysis covered 4 layers: dependency_graph, llm_behavioral_safety, manifest_analysis, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 16, 2026 (commit a04cb61a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill instructs LLM to read local files The skill explicitly instructs the host LLM to read a local file (`.claude/product-marketing-context.md`). This grants the LLM file system access, which could be exploited for data exfiltration if the file path could be manipulated by an attacker (e.g., through prompt injection or if the skill were to construct file paths dynamically based on user input). Even for a fixed path, it represents an excessive permission for a skill that primarily provides advice, as it allows the LLM to access content outside its immediate input context. Avoid instructing the LLM to directly read local files. If external context is needed, it should be provided to the LLM through its input context or a dedicated, sandboxed tool, rather than by instructing it to perform file system operations. If file access is absolutely necessary, ensure strict validation of file paths and limit access to a very narrow, sandboxed directory. | Unknown | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/20029e19da5ba444)
Powered by SkillShield