Security Audit
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-cis-storytelling
github.com/PabloLION/bmad-plugin
Trust Assessment
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-cis-storytelling received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include: "Untrusted content attempts to issue instructions to the analyzer."
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on April 11, 2026 (commit 17efb6ce). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Untrusted content attempts to issue instructions to the analyzer.** The `SKILL.md` file, which is explicitly marked as untrusted input, contains an instruction (`Follow the instructions in [workflow.md](workflow.md).`) attempting to direct the analyzer's behavior. This directly violates the security principle that untrusted content should not issue commands or instructions to the host LLM (SkillShield). Such attempts are a form of prompt injection, aiming to subvert the analyzer's operational directives. **Remediation:** Remove any instructions or commands from untrusted skill content that attempt to control the analyzer's behavior. Untrusted content should only contain data, not directives. The analyzer is explicitly instructed to ignore commands within untrusted blocks. | LLM | SKILL.md:3 |