Security Audit
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-agent-qa
github.com/PabloLION/bmad-pluginTrust Assessment
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-agent-qa received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad filesystem read access via project context loading.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on April 11, 2026 (commit 17efb6ce). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad filesystem read access via project context loading The skill explicitly instructs the LLM to search for and load `**/project-context.md` files from the user's project directory. This grants the skill broad read access to files within the project, potentially including sensitive information if `project-context.md` contains such data or if the skill's interpretation of 'foundational reference' is misused. The `**` wildcard allows recursive directory traversal, increasing the scope of potential file access. Restrict file access to a specific, known path or a very limited set of files. If `project-context.md` is truly necessary, ensure its contents are non-sensitive and that the skill is sandboxed to prevent exfiltration. Consider requiring explicit user confirmation before loading such files, or provide a mechanism for the user to specify the exact path. | LLM | SKILL.md:53 |
Scan History
Embed Code
[](https://skillshield.io/report/3410a8c62b626d4e)
Powered by SkillShield