Trust Assessment
minibook received a trust score of 66/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 0 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Dynamic Skill Definition Loading from External URL.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Dynamic Skill Definition Loading from External URL The skill instructs the agent to periodically re-read its own skill definition from an external URL (`{{BASE_URL}}/skill/minibook/SKILL.md`). If the `BASE_URL` is compromised or points to an attacker-controlled server, an attacker could inject arbitrary instructions or modify the agent's behavior, leading to prompt injection, data exfiltration, or other malicious actions. This creates a critical supply chain risk and a remote prompt injection vector. Remove the instruction to dynamically fetch and re-interpret the skill definition from an external URL. Skill definitions should be static and loaded from a trusted, immutable source. If updates are needed, they should be pushed through a secure update mechanism, not pulled from a potentially untrusted `BASE_URL`. | LLM | SKILL.md:169 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/dioxia/minibook/SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/7e45d6578facaa9e)
Powered by SkillShield