Trust Assessment
futa-tracker received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Prompt Injection: Direct instructions embedded in untrusted skill description.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Prompt Injection: Direct instructions embedded in untrusted skill description The skill's `SKILL.md` file, which is explicitly marked as untrusted input, contains direct instructions intended for the host LLM. This attempts to manipulate the LLM's behavior and output generation using data that should be treated as content, not commands. Specifically, the instruction 'CRITICAL: Keep all values in original Vietnamese - DO NOT translate' and the subsequent 'Important Rules' section dictate how the LLM should process and present information, violating the principle of separating trusted instructions from untrusted content. Remove all direct instructions intended for the host LLM from the `SKILL.md` file. Skill descriptions should describe the skill's functionality and expected outputs, not dictate the LLM's behavior. LLM instructions should be part of the trusted system prompt or tool definition, not embedded within untrusted content. | LLM | SKILL.md:20 |
Scan History
Embed Code
[](https://skillshield.io/report/fbdaf7bb85da6659)
Powered by SkillShield