Security Audit
lawvable/awesome-legal-skills:skills/politique-confidentialite-malik-taiar
github.com/lawvable/awesome-legal-skills
Trust Assessment
lawvable/awesome-legal-skills:skills/politique-confidentialite-malik-taiar received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Prompt Injection - Directives to LLM, Data Exfiltration via Prompt Injection for Sensitive Data Collection, Excessive Permissions - Implied File and Web Access.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 26, 2026 (commit 4d82d4cf). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Prompt Injection - Directives to LLM: The untrusted skill contains explicit instructions that attempt to manipulate the host LLM's behavior, dictating specific questions to ask the user and how to format its responses. This is a direct form of prompt injection, where the untrusted content overrides or influences the LLM's operational instructions. The LLM should be robustly sandboxed against instructions embedded within untrusted content. Untrusted content should be treated as data, not commands. Implement strict input validation and instruction filtering to prevent untrusted content from issuing directives to the LLM. | LLM | SKILL.md:190 |
| HIGH | Data Exfiltration via Prompt Injection for Sensitive Data Collection: The untrusted skill explicitly instructs the LLM to solicit and collect a wide array of highly sensitive personal and business information from the user/client. This includes company registration details, contact information, detailed categories of data collected (including sensitive data like health, political, ethnic, biometric information), third-party processors, and international data transfer specifics. This collection is driven by prompt injection, where the untrusted skill dictates the LLM's questions. If the LLM's environment is not perfectly secure or if the LLM itself is compromised, this collected sensitive data could be at risk of unauthorized access or exfiltration. Implement strict data handling policies for any information collected by the LLM based on untrusted skill instructions. Ensure that sensitive data is only processed within a secure, isolated environment with appropriate access controls and encryption. Review the necessity of collecting such granular sensitive data via an untrusted skill. The LLM should be designed to recognize and flag requests for highly sensitive data originating from untrusted sources. | LLM | SKILL.md:100 |
| MEDIUM | Excessive Permissions - Implied File and Web Access: The untrusted skill instructs the LLM to 'Analyze the documents provided' (e.g., T&Cs, contracts) and to perform 'Additional research on the site (if accessible)' using a provided URL. This implies the LLM is expected to have capabilities to read arbitrary local files and browse external websites. If the LLM has such broad access, an untrusted skill could potentially exploit these permissions to read sensitive local files outside its intended scope or perform Server-Side Request Forgery (SSRF) or other web-based attacks via controlled web browsing. Ensure that the LLM's capabilities for file system access and web browsing are strictly sandboxed and limited. File access should be restricted to explicitly allowed directories or files, and web browsing should be proxied, filtered, and monitored to prevent abuse. The LLM should not automatically execute instructions to access external resources or arbitrary local files based on untrusted input. | LLM | SKILL.md:229 |
Full report: https://skillshield.io/report/050a174c7587d25e