Security Audit
hig-components-controls
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
hig-components-controls received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Untrusted skill attempts to instruct host LLM.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Untrusted skill attempts to instruct host LLM The skill content, which is marked as untrusted input, contains an instruction intended for the host LLM regarding how to process context and ask questions. This is a prompt injection attempt as it tries to manipulate the LLM's behavior from an untrusted source, violating the principle that untrusted content should not issue commands to the host LLM. Remove or rephrase the instruction so it is not directly commanding the LLM. If this is intended behavior, it should be implemented via tool definitions or explicit LLM system prompts, not embedded within untrusted skill content. | LLM | SKILL.md:8 |
Scan History
Embed Code
[](https://skillshield.io/report/3113d9626e240b16)
Powered by SkillShield