Security Audit
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-check-implementation-readiness
github.com/PabloLION/bmad-plugin

Trust Assessment
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-check-implementation-readiness received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include: "Skill definition contains prompt injection".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on April 11, 2026 (commit 17efb6ce). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (1)
| Severity | Finding | Description | Remediation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Skill definition contains prompt injection | The `SKILL.md` file, which is explicitly marked as untrusted content, contains a direct instruction to the LLM: 'Follow the instructions in ./workflow.md.'. This attempts to manipulate the host LLM's behavior by injecting commands from untrusted input, violating the principle that content within untrusted delimiters should be treated as data, not instructions. | Remove direct instructions to the LLM from the `SKILL.md` file. The skill definition should describe the skill's purpose and how it interacts with tools, not issue commands to the LLM directly. If a workflow needs to be executed, it should be triggered by a defined tool or a structured prompt, not by an instruction embedded directly in the untrusted skill definition. | LLM | SKILL.md:1 |
Scan History
Powered by SkillShield