Security Audit

PabloLION/bmad-plugin:plugins/bmad/skills/bmad-product-brief-preview

github.com/PabloLION/bmad-plugin

AI SkillCommit 17efb6ce67d3

TRUSTED

Scanned about 13 hours ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

PabloLION/bmad-plugin:plugins/bmad/skills/bmad-product-brief-preview received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 1 medium, and 1 low severity. Key findings include Unpinned external skill dependency, Broad implicit file and web access.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on April 11, 2026 (commit 17efb6ce). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

91%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

1 finding

Excessive Permissions

1 finding

Security Findings2

Severity	Finding	Layer	Location
MEDIUM	Unpinned external skill dependency The skill explicitly depends on `bmad-init` without specifying a version. This introduces a supply chain risk, as updates to `bmad-init` could introduce breaking changes or malicious code without explicit review or control by the user of this skill. Pin the version of `bmad-init` to a known good version (e.g., `bmad-init@1.2.3`) to ensure stability and security. Regularly review and update pinned dependencies.	LLM	SKILL.md:109
LOW	Broad implicit file and web access The skill description implies broad access to the local filesystem for 'artifact analysis' and configuration loading (e.g., `.claude/bmad.local.md`, `{planning_artifacts}`, `{project_knowledge}`), as well as internet access for 'web research' via 'subagents'. While these capabilities are necessary for the skill's stated function, the scope of these operations is not explicitly constrained within this document. This could potentially allow access to unintended local resources or unrestricted web domains. Implement strict access controls and sandboxing for subagents and file operations. Clearly define and limit the directories and file types that can be accessed. For web research, consider whitelisting domains or using a controlled proxy to restrict external access.	LLM	SKILL.md:20

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/33f8d87c68eb1508.svg)](https://skillshield.io/report/33f8d87c68eb1508)