Trust Assessment
eternal-haven-lore-pack received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Instruction to access external absolute file path.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Instruction to access external absolute file path The skill explicitly instructs the agent to read files from an absolute path (`D:\FULL ADUIO BOOKS\…`) which is outside the skill's designated package directory. This constitutes an attempt to access files on the host system's arbitrary file system, which could lead to unauthorized data access or exfiltration if the agent's execution environment permits such operations. This is an excessive permission request. Remove the instruction to access absolute paths outside the skill's package. All necessary files should be bundled within the skill's `references/` directory and accessed via relative paths. If external files are truly needed, a secure, sandboxed mechanism for accessing them should be implemented, not direct file system paths. | LLM | SKILL.md:148 |
Scan History
Embed Code
[](https://skillshield.io/report/45d3743480c1a099)
Powered by SkillShield