Trust Assessment
cli-developer received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. The key finding is "Skill instructs loading of additional untrusted content".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 3d5e297b). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Skill instructs loading of additional untrusted content. The skill's 'Reference Guide' section explicitly instructs the agent to 'Load detailed guidance' from relative paths (e.g., `references/design-patterns.md`). Since the entire skill package is treated as untrusted, loading additional files from within the package means the agent is being instructed by untrusted content to load *more* untrusted content into its context. This could be used to inject further instructions or malicious data if the content of these reference files is not properly sanitized or vetted before being processed by the LLM. Ensure that any files loaded by the agent based on instructions from untrusted skills are thoroughly sanitized and validated for malicious instructions or data exfiltration attempts. Consider sandboxing the file loading mechanism or restricting it to only allow loading of inert data formats, or only from a trusted, pre-vetted set of files. | LLM | SKILL.md:39 |