Trust Assessment
github-actions received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 0 high, 2 medium, and 0 low severity. Key findings include Prompt Injection Attempt (Role Setting) and Inconsistent Supply Chain Security Advice (Unpinned Actions).
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, dependency_graph, static_code_analysis. The llm_behavioral_safety layer scored lowest at 56/100, indicating areas for improvement.
Last analyzed on February 11, 2026 (commit 606a7b35). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Prompt Injection Attempt (Role Setting): The untrusted content attempts to manipulate the host LLM's persona by instructing it to 'operate as a Principal DevOps Engineer'. This is a direct prompt injection attempt, as it tries to override the LLM's default instructions or role from within untrusted input. Remove any instructions or directives intended for the LLM from within the untrusted content. The LLM should not be instructed by the skill's content itself. | Unknown | SKILL.md:4 |
| MEDIUM | Inconsistent Supply Chain Security Advice (Unpinned Actions): The skill's 'Security Best Practices' section explicitly warns against using unpinned GitHub Actions (e.g., `@main` or `@master`). However, the 'Security Scanning Pipeline' examples contradict this advice by using `trufflesecurity/trufflehog@main` and `aquasecurity/trivy-action@master`. While these are examples and not executed by the LLM, this inconsistency in a security rubric could lead users to adopt less secure practices by copy-pasting the unpinned action examples. Ensure all examples within a security rubric adhere to the best practices being taught. Update the example actions to be pinned to a specific SHA or at least a major version, consistent with the skill's own recommendations for 'Good' or 'Acceptable' pinning. | Unknown | SKILL.md:126 |
| MEDIUM | Inconsistent Supply Chain Security Advice (Unpinned Actions): The skill's 'Security Best Practices' section explicitly warns against using unpinned GitHub Actions (e.g., `@main` or `@master`). However, the 'Security Scanning Pipeline' examples contradict this advice by using `trufflesecurity/trufflehog@main` and `aquasecurity/trivy-action@master`. While these are examples and not executed by the LLM, this inconsistency in a security rubric could lead users to adopt less secure practices by copy-pasting the unpinned action examples. Ensure all examples within a security rubric adhere to the best practices being taught. Update the example actions to be pinned to a specific SHA or at least a major version, consistent with the skill's own recommendations for 'Good' or 'Acceptable' pinning. | Unknown | SKILL.md:145 |