Security Audit
DietrichGebert/ponytail:.openclaw/skills/ponytail-review
github.com/DietrichGebert/ponytailTrust Assessment
DietrichGebert/ponytail:.openclaw/skills/ponytail-review received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Prompt Injection via Control Phrases in Untrusted Content.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 21, 2026 (commit 6da37bfa). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Prompt Injection via Control Phrases in Untrusted Content The skill instructions define control phrases ('stop ponytail-review' or 'normal mode') that trigger a fallback to a 'verbose review style'. Because the LLM is processing untrusted diffs/code, an attacker can embed these phrases in the code being reviewed to hijack the LLM's instructions and bypass the ponytail-review constraints. Remove the instructions that allow untrusted content to switch modes or control the LLM's behavior. Any mode switching should be controlled by the user or system configuration, not by content within the analyzed files. | LLM | SKILL.md:45 |
Scan History
Embed Code
[](https://skillshield.io/report/d370e7a37c6b4c9c)
Powered by SkillShield