Security Audit
hig-components-status
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
hig-components-status received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Untrusted content attempts to manipulate LLM behavior.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Untrusted content attempts to manipulate LLM behavior The skill's `SKILL.md` contains an instruction to the host LLM to 'Check for `.claude/apple-design-context.md` before asking questions. Use existing context and only ask for information not already covered.' This attempts to inject instructions into the LLM's processing flow, directing it to access an external file and modify its conversational strategy, which is a form of prompt injection. The LLM should not follow instructions embedded within untrusted skill content. Remove instructions intended for the host LLM from untrusted skill content. Skill behavior should be defined in the manifest or trusted skill code, not within user-facing documentation or untrusted data. | LLM | SKILL.md:5 |
Scan History
Embed Code
[](https://skillshield.io/report/d65856a19687ac6f)
Powered by SkillShield