Security Audit
langchain-architecture
github.com/sickn33/antigravity-awesome-skills
Trust Assessment
langchain-architecture received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 0 high, 2 medium, and 1 low severity. Key findings include Potential for broad file system access via DirectoryLoader, Custom tools imply sensitive operations without implementation details, Integration of broad web search tool `serpapi`.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Potential for broad file system access via DirectoryLoader. The skill demonstrates the use of `DirectoryLoader('./docs')`, which can load all documents from a specified directory. If the `docs` directory contains sensitive or confidential information, this could lead to unintended data exposure or exfiltration when the skill processes these documents. While a common pattern in LangChain, it represents a potential risk if not handled with care in deployment. Advise users to ensure that directories processed by `DirectoryLoader` contain only non-sensitive, public information, or implement strict access controls and data sanitization. Consider using more granular loaders or explicit file paths where possible to limit the scope of file access. | LLM | SKILL.md:305 |
| MEDIUM | Custom tools imply sensitive operations without implementation details. The skill defines custom tools `search_database` and `send_email`. While their implementations are not provided, their descriptions (`"Search internal database for information."`, `"Send an email to specified recipient."`) indicate capabilities that could lead to excessive permissions or data exfiltration if not securely implemented with proper access controls, input validation, and scope limitations. The risk lies in the potential for an agent to misuse these broad capabilities. Emphasize the critical need for secure implementation of custom tools, including: strict input validation and sanitization; least-privilege access to underlying systems (database, email service); auditing and logging of tool usage; and clear documentation of tool capabilities and limitations for users. | LLM | SKILL.md:160 |
| LOW | Integration of broad web search tool `serpapi`. The skill demonstrates loading the `serpapi` tool, which provides general web search capabilities. Granting an AI agent unrestricted web search access can be an excessive permission, potentially allowing it to gather information beyond the user's explicit intent or interact with external websites without sufficient oversight. This could lead to privacy concerns or unintended data exposure. Advise users to carefully consider the necessity and scope of web search tools. Implement strict controls on what information can be searched for and how results are used. Consider using more specialized or sandboxed search tools if available, or requiring explicit user confirmation for sensitive searches. | LLM | SKILL.md:110 |