Trust Assessment
schema-markup received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Prompt Injection via external context file.
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, dependency_graph, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 16, 2026 (commit a04cb61a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Prompt Injection via external context file: The skill explicitly instructs the LLM to read the content of `.claude/product-marketing-context.md` and use it as context. If this external file contains untrusted or malicious instructions, it could lead to prompt injection, allowing an attacker to manipulate the LLM's behavior or extract sensitive information. The content of this file is not provided or validated within the skill's definition, making it a potential vector for injecting arbitrary commands or overriding the LLM's instructions. Avoid instructing the LLM to read external files that are not explicitly part of the trusted skill package. If external context is required, ensure it is strictly validated, sanitized, or loaded from a trusted, immutable source. Consider embedding necessary context directly within the skill definition if it's static, or using a secure mechanism for dynamic context loading that prevents arbitrary code execution or instruction overriding. | Unknown | SKILL.md:8 |