Security Audit

conductor-setup

github.com/sickn33/antigravity-awesome-skills

AI SkillCommit e36d6fd3b3f6

TRUSTED

Scanned 2 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

conductor-setup received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad filesystem read access via Glob and project file detection.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

93%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
MEDIUM	Broad filesystem read access via Glob and project file detection The skill is designed to detect project type and analyze the tech stack by scanning the project root for various files and directories (e.g., `.git`, `package.json`, `requirements.txt`, `go.mod`, `Cargo.toml`, `src/`) and explicitly using a `Glob` operation. It then parses the content of detected package files. This grants the skill broad read access to the project's file system, extending beyond its dedicated `conductor/` directory. While intended for legitimate functionality (project type detection, tech stack analysis), this broad access could be misused if the skill's instructions were manipulated to read and process sensitive files from the project root, potentially leading to data exfiltration. Restrict file system access to only the necessary files and directories. If `Glob` is required, ensure its patterns are as narrow as possible and that the skill's execution environment enforces strict sandboxing to prevent arbitrary file access. Consider using a dedicated tool for project introspection that returns structured data rather than granting raw file system access to the LLM.	LLM	SKILL.md:88

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/d478b7c37eee6a20.svg)](https://skillshield.io/report/d478b7c37eee6a20)