Security Audit
analyzing-marketing-campaign
github.com/https-deeplearning-ai/sc-agent-skills-filesTrust Assessment
analyzing-marketing-campaign received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential SQL Injection via LLM-generated BigQuery SQL.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 211cdd64). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential SQL Injection via LLM-generated BigQuery SQL The skill instructs the LLM to construct SQL queries for the `bigquery:execute_sql` tool based on untrusted user input (e.g., date ranges, analysis requirements). The `SKILL.md` does not provide explicit instructions for the LLM to sanitize user input or use parameterized queries when generating SQL. A malicious user could craft prompts that lead the LLM to generate SQL containing injection payloads (e.g., `UNION SELECT`, `OR 1=1`, or DDL/DML statements if permissions allow), potentially bypassing filters, exfiltrating sensitive data from other tables/datasets within `marketing-analytics-483823`, or manipulating data. Add explicit instructions to the LLM to strictly sanitize all user-provided inputs before incorporating them into SQL queries. Instruct the LLM to prefer parameterized queries or a robust SQL query builder if the `bigquery:execute_sql` tool supports them. If direct string concatenation is unavoidable, specify a strict allowlist for input values or escape all special characters. Additionally, consider restricting the BigQuery service account permissions to read-only access on only the necessary tables. | Static | SKILL.md:24 |
Scan History
Embed Code
[](https://skillshield.io/report/03001918b9362265)
Powered by SkillShield