Trust Assessment
mobile-games received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Excessive tool permissions declared for an informational skill.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Excessive tool permissions declared for an informational skill The skill's manifest declares 'Write', 'Edit', 'Glob', and 'Grep' permissions. Given that the primary skill content (`SKILL.md`) is purely informational and does not appear to require any interaction with the filesystem beyond potentially reading its own content, these permissions are overly broad. This increases the attack surface, as a compromised LLM or a malicious update to the skill could leverage these permissions for unauthorized file modification, deletion, or data exfiltration. Restrict `allowed-tools` to only those strictly necessary for the skill's functionality. For a purely informational skill, `Read` might be sufficient, or even no explicit file system tools if all information is self-contained. `Write`, `Edit`, `Glob`, and `Grep` should be removed unless a clear, justified use case is provided. | LLM | SKILL.md |
Scan History
Embed Code
[](https://skillshield.io/report/240b0f7db7761bc0)
Powered by SkillShield