Security Audit
bats-testing-patterns
github.com/sickn33/antigravity-awesome-skills
Trust Assessment
bats-testing-patterns received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The key finding is an instruction to open a file embedded in untrusted skill content.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Instruction to open file embedded in untrusted skill content. The skill's `SKILL.md` content, which is treated as untrusted input, contains a direct imperative instruction to the LLM: 'open `resources/implementation-playbook.md`'. This demonstrates that instructions embedded within untrusted skill descriptions can manipulate the LLM's subsequent actions, which is a form of prompt injection. While this specific instruction is benign, it establishes a pattern where malicious instructions could be injected to control the LLM's behavior. Remediation: rephrase instructions within untrusted content to be descriptive rather than imperative. For example, instead of 'open X', use phrases like 'Detailed examples are available in X' or 'Refer to X for detailed examples'. This prevents the untrusted content from issuing direct commands to the LLM. | LLM | SKILL.md:29 |