Trust Assessment
ml-engineer received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. The key finding: the skill instructs the LLM to 'open' a file, implying filesystem access.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Skill instructs LLM to 'open' a file, implying filesystem access. The skill contains an instruction `` open `resources/implementation-playbook.md` ``. This implies the LLM has direct access to the filesystem and can perform file operations. While the target file is internal to the skill, this capability could be abused if the LLM were to interpret 'open' as a command to read arbitrary files, potentially leading to data exfiltration or unexpected execution if the LLM has such capabilities. This represents an excessive permission for an LLM skill. Rephrase the instruction to 'Refer to `resources/implementation-playbook.md` for detailed examples' or 'Consult the content of `resources/implementation-playbook.md`' to avoid implying direct file system command execution. If the intent is for the LLM to read the file, a specific tool for file reading should be explicitly invoked. | LLM | SKILL.md:18 |