Security Audit
seo-meta-optimizer
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
seo-meta-optimizer received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Untrusted content instructs LLM to open a local file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Untrusted content instructs LLM to open a local file The skill's instructions, located within the untrusted input block, explicitly tell the host LLM to 'open `resources/implementation-playbook.md`'. This is a direct instruction to the LLM to perform an action, which constitutes a prompt injection attempt. If the LLM has access to file system tools, this instruction could be exploited to read arbitrary files, potentially leading to data exfiltration or unexpected behavior. Remove direct instructions to the LLM to perform actions like 'open file'. Instead, describe the content of the file or provide a mechanism for the user to access it. If the file is meant to be a resource for the LLM, it should be provided as part of the skill's context in a secure manner, not as an instruction to 'open'. | LLM | SKILL.md:22 |
Scan History
Embed Code
[](https://skillshield.io/report/229c44381c3fda81)
Powered by SkillShield