Security Audit
ncklrs/startup-os-skills:skills/renewal-manager
github.com/ncklrs/startup-os-skillsTrust Assessment
ncklrs/startup-os-skills:skills/renewal-manager received a trust score of 62/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Untrusted content attempts to instruct the host LLM.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 10, 2026 (commit 91625964). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Untrusted content attempts to instruct the host LLM The skill's `SKILL.md` file, which is treated as untrusted input, contains a direct instruction to the host LLM: 'When invoked, apply the guidelines in `rules/` organized by:'. This attempts to manipulate the LLM's execution flow and instruct it to process external files (`rules/`) based on the skill's internal logic, which is a form of prompt injection. The LLM should not follow operational instructions embedded within untrusted skill content. The host LLM should be designed to ignore operational instructions embedded within untrusted skill content. If the skill requires access to a `rules/` directory or specific processing logic, this should be explicitly declared in a trusted manifest or configuration, not instructed within the skill's primary content. | LLM | SKILL.md:19 |
Scan History
Embed Code
[](https://skillshield.io/report/484ae1fa3fb10229)
Powered by SkillShield