Trust Assessment
architect received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad filesystem permissions declared.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad filesystem permissions declared The skill's manifest declares 'Read, Write, Edit' permissions without any path restrictions. While the skill's internal logic specifies writing to a controlled subdirectory (`.specweave/docs/internal/architecture/`), the broad permissions allow the skill to potentially read, write, or modify arbitrary files within the agent's workspace. This creates a risk if the skill's execution is compromised (e.g., via prompt injection), as an attacker could leverage these permissions to access or modify sensitive files outside the intended scope. Restrict 'allowed-tools' to the minimum necessary scope. If only specific directories need write access, use more granular permissions (e.g., 'Write:/path/to/docs'). If 'Edit' is not strictly necessary for arbitrary files, consider removing it or scoping it to specific file types or directories. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/cdeb92eb67e236c2)
Powered by SkillShield