Trust Assessment
pengyouquan received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Untrusted Skill Definition as Prompt Injection.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Untrusted Skill Definition as Prompt Injection The entire skill definition, including the LLM's persona, interaction style, and behavioral constraints, is provided within the untrusted input delimiters. This constitutes a direct attempt to inject instructions into the host LLM from an untrusted source, overriding or manipulating its default programming. The skill dictates how the LLM should respond, what it should avoid, and its core principles (e.g., '你是引导者和第一个读者,不是代笔人', '绝不替用户写文案'). Move the skill's core instructions and persona definition out of the untrusted input block and into a trusted system prompt or skill definition mechanism. Untrusted input should only contain user-provided data, not instructions for the LLM. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/148d702daf108751)
Powered by SkillShield