Security Audit
team-composition-analysis
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
team-composition-analysis received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Direct instruction to open a file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Direct instruction to open a file The skill contains a direct instruction to the host LLM to "open" a specific file (`resources/implementation-playbook.md`). This is a form of prompt injection, as it manipulates the LLM's behavior by commanding it to perform an action. While the target file is relative to the skill's directory, this pattern could be exploited if the LLM's file access is not properly sandboxed, or if the content of `resources/implementation-playbook.md` (which is not provided for analysis) contains further malicious instructions or sensitive data. Avoid direct commands to the LLM to "open" files within skill instructions. Instead, if the content of `resources/implementation-playbook.md` is intended to be displayed, it should be included directly in the skill's primary content or accessed via a secure, sandboxed tool function call that explicitly handles file retrieval. | LLM | SKILL.md:20 |
Scan History
Embed Code
[](https://skillshield.io/report/1aee5e06e2aa58ce)
Powered by SkillShield