Trust Assessment
jwdiario received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Instructions to LLM found in untrusted skill description.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Instructions to LLM found in untrusted skill description The `SKILL.md` file, which is explicitly marked as untrusted input, contains direct instructions intended to manipulate the host LLM's behavior. These instructions dictate how the LLM should use the `web_fetch` tool and how it should format the output, including specific formatting requirements and content handling (e.g., 'No traducir el texto'). This constitutes a prompt injection attempt where untrusted content tries to control the LLM's operational logic and output generation. Move instructions intended for the host LLM (e.g., how to use tools, format output, or handle content) out of the untrusted `SKILL.md` body and into a trusted part of the skill definition, such as a dedicated prompt template or tool definition. The `SKILL.md` should primarily describe the skill's purpose and usage for human understanding, not provide direct commands to the LLM. | LLM | SKILL.md:20 |
Scan History
Embed Code
[](https://skillshield.io/report/fb074e173a9a764b)
Powered by SkillShield