Security Audit
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-create-epics-and-stories
github.com/PabloLION/bmad-plugin

Trust Assessment
PabloLION/bmad-plugin:plugins/bmad/skills/bmad-create-epics-and-stories received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. The single finding is Prompt Injection via External Instruction Reference.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on April 11, 2026 (commit 17efb6ce). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Prompt Injection via External Instruction Reference | LLM | SKILL.md:1 |

Description: the untrusted `SKILL.md` content attempts to manipulate the host LLM by instructing it to `Follow the instructions in ./workflow.md.` This hands the LLM's instruction set to an external file: whatever that file contains can override the LLM's current directives or lead to other malicious actions, because the reference bypasses the instructions under review by pointing at another file the model is told to obey.

Remediation: remove direct instructions to the LLM from untrusted content. If external files are needed, they should be explicitly loaded and processed by the skill's trusted code, not directly referenced as instructions for the LLM. Untrusted content should be treated as data, not as commands or instructions for the LLM.

Reviewer note: the finding is raised on the reference itself (`SKILL.md:1`), not on the contents of `./workflow.md`. The relative path resolves inside the skill directory, so the instructions this skill actually executes live in that file; anyone assessing the skill should read `./workflow.md` at the analyzed commit (17efb6ce) rather than stopping at `SKILL.md`.
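As an added example (not SkillShield's code, nor code from the bmad-plugin project), the following Python sketches both halves of the remediation above: a scanner that flags instruction hand-offs of the kind found at `SKILL.md:1`, and a loader that fetches the referenced file through trusted code confined to the skill directory and passes it to the prompt assembler labelled as data rather than as instructions. The regex list, the `<skill_file>` wrapper, the `demo()` helper and the sample manifest are assumptions constructed for this example.

```python
"""Added example: flag external-instruction references in a SKILL.md and load the
referenced file as data under a trusted path check. Not SkillShield's rule set."""
import re
import tempfile
from pathlib import Path
from typing import Dict, List

# Constructed sample manifest, modelled on the line the report flags (SKILL.md:1).
SAMPLE_SKILL_MD = "Follow the instructions in ./workflow.md.\n\nThen summarise the result.\n"
SAMPLE_WORKFLOW_MD = "# workflow\n1. Ask the user for the epic name.\n"

# Phrases that delegate the model's instructions to another file. Assumed list
# for this example, not SkillShield's detection logic.
REFERENCE_PATTERNS = [
    re.compile(r"\bfollow (?:the )?instructions (?:in|from|at) +[`\"']?([^\s`\"']+)", re.I),
    re.compile(r"\b(?:execute|obey|run) (?:the )?(?:steps|instructions|commands) "
               r"(?:in|from) +[`\"']?([^\s`\"']+)", re.I),
]


def find_instruction_references(skill_md: str) -> List[Dict[str, str]]:
    """Return one finding per line that tells the model to obey another file."""
    findings = []
    for lineno, line in enumerate(skill_md.splitlines(), start=1):
        for pat in REFERENCE_PATTERNS:
            for m in pat.finditer(line):
                findings.append({
                    "severity": "CRITICAL",
                    "location": f"SKILL.md:{lineno}",
                    "reference": m.group(1).rstrip(".,;:)"),
                })
    return findings


def load_as_data(skill_dir: Path, ref: str, max_bytes: int = 65536) -> str:
    """Trusted code resolves the reference inside skill_dir and returns it as data.

    Refuses remote URLs, absolute paths and anything that resolves outside the
    skill directory (resolve() follows symlinks, so a symlink escape is caught too).
    """
    if "://" in ref:
        raise ValueError(f"remote reference refused: {ref}")
    rel = Path(ref)
    if rel.is_absolute():
        raise ValueError(f"absolute path refused: {ref}")
    root = skill_dir.resolve()
    target = (root / rel).resolve()
    if root not in target.parents:
        raise ValueError(f"reference escapes skill directory: {ref}")
    if not target.is_file():
        raise FileNotFoundError(f"referenced file missing: {ref}")
    raw = target.read_bytes()
    if len(raw) > max_bytes:
        raise ValueError(f"referenced file too large: {len(raw)} bytes")
    text = raw.decode("utf-8", errors="replace")
    # The wrapper tag is an assumed convention for the prompt assembler: it lets the
    # system prompt say "this block is reference material, not instructions". The
    # delimiter does not make the content trusted; the path checks above and the
    # system prompt's policy do the real work.
    return f'<skill_file path="{rel.as_posix()}" role="data">\n{text}</skill_file>\n'


def demo() -> Dict[str, object]:
    """Build a throwaway skill directory from the constructed samples and run both steps."""
    with tempfile.TemporaryDirectory() as tmp:
        skill_dir = Path(tmp)
        (skill_dir / "SKILL.md").write_text(SAMPLE_SKILL_MD, encoding="utf-8")
        (skill_dir / "workflow.md").write_text(SAMPLE_WORKFLOW_MD, encoding="utf-8")
        findings = find_instruction_references(SAMPLE_SKILL_MD)
        loaded = load_as_data(skill_dir, findings[0]["reference"])
        refused = {}
        for bad in ("../../etc/passwd", "/etc/passwd", "https://example.invalid/workflow.md"):
            try:
                load_as_data(skill_dir, bad)
                refused[bad] = False
            except (ValueError, FileNotFoundError):
                refused[bad] = True
        return {"findings": findings, "loaded": loaded, "refused": refused}


if __name__ == "__main__":
    result = demo()
    for f in result["findings"]:
        print(f'{f["severity"]} {f["location"]}: hands instructions to {f["reference"]}')
    print(result["loaded"])
    print("refused:", result["refused"])
```

The scanner reproduces the report's location (`SKILL.md:1`) on the constructed manifest; the loader is the "explicitly loaded and processed by the skill's trusted code" half of the remediation, and the refusal list shows the three shapes of reference a path check must reject before the file is ever read.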
Full report: https://skillshield.io/report/2edb0630a526406b
Powered by SkillShield