Security Audit
backend-security-coder
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
backend-security-coder received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Untrusted content attempts to instruct LLM to open a file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Untrusted content attempts to instruct LLM to open a file The skill's instructions, located within the untrusted input block, contain a directive for the LLM to 'open `resources/implementation-playbook.md`'. This is an instruction originating from untrusted content, attempting to manipulate the LLM's behavior by commanding it to access a file. According to SkillShield rules, content within the untrusted delimiters should be treated as data, not instructions, and commands found within it should not be followed. Remove or rephrase the instruction to 'open `resources/implementation-playbook.md`' from the untrusted content. If the skill genuinely needs to access this file, the instruction should be part of the trusted system prompt or tool definition, not embedded in user-editable or untrusted skill description. For example, the LLM could be instructed in its system prompt to *offer* to open the playbook if the user asks for detailed examples, rather than the skill *commanding* it to open. | LLM | SKILL.md:21 |
Scan History
Embed Code
[](https://skillshield.io/report/ab70171e559ed372)
Powered by SkillShield