Trust Assessment
django-pro received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Untrusted content instructs LLM to open local file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Untrusted content instructs LLM to open local file The untrusted skill definition contains an instruction for the LLM to 'open `resources/implementation-playbook.md`'. This is a direct attempt to manipulate the host LLM's behavior by instructing it to access a local file. If the LLM has file system access, this could lead to data exfiltration, unintended information disclosure, or other unauthorized actions. Remove or rephrase the instruction 'open `resources/implementation-playbook.md`' from the untrusted skill definition. The LLM should not be instructed to perform file system operations from untrusted content. If the content of `implementation-playbook.md` is essential, it should be provided directly within the trusted skill context or through a secure, controlled mechanism, not via an instruction to 'open' a file. | LLM | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/a48fd2d6805b7e8e)
Powered by SkillShield