Security Audit
database-admin
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
database-admin received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Skill instructs LLM to open local file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Skill instructs LLM to open local file The skill's instructions explicitly tell the LLM to 'open `resources/implementation-playbook.md`'. This is a direct instruction to the LLM to perform a file system operation. If the LLM environment allows file access, this could be exploited to read arbitrary files by manipulating the path (e.g., via path traversal) or by chaining with other instructions to exfiltrate content. This represents a prompt injection attempt to control the LLM's actions and implies an excessive permission if not properly sandboxed. Remove or rephrase instructions that directly command the LLM to perform file system operations. If file access is necessary, ensure it's done through a sandboxed and explicitly defined tool with strict access controls, rather than as a direct instruction to the LLM. The LLM should not be able to directly 'open' files based on skill instructions. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/03c2d0c1f1fad15e)
Powered by SkillShield