Trust Assessment
performance-engineer received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Untrusted input attempts to set LLM persona and behavior.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Untrusted input attempts to set LLM persona and behavior The entire content of `SKILL.md` is marked as untrusted input, yet it contains direct instructions for the LLM. This includes setting its persona ('You are a performance engineer...') and guiding its output generation strategy ('generate output incrementally', 'ask the user which component to implement next'). This constitutes a prompt injection attempt where untrusted data tries to manipulate the host LLM's operational parameters and behavior. Remove all instructions intended for the LLM from the untrusted input block. Only provide data or user-facing content within untrusted delimiters. LLM instructions should be part of the trusted system prompt or skill definition, outside of any untrusted input markers. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/049770d4120b0030)
Powered by SkillShield