Trust Assessment
templates received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Unjustified 'Glob' and 'Grep' permissions declared.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Unjustified 'Glob' and 'Grep' permissions declared The skill's manifest declares 'Glob' and 'Grep' permissions. However, the `SKILL.md` content describes the skill's primary function as reading specific, hardcoded `TEMPLATE.md` files, which only requires the 'Read' permission. The inclusion of 'Glob' (for listing files/directories) and 'Grep' (for searching file content) is not justified by the skill's described functionality. Granting these broader permissions increases the attack surface by providing capabilities beyond what is strictly necessary for the skill's stated purpose. Review the skill's actual implementation and remove 'Glob' and 'Grep' from the `allowed-tools` in the manifest if they are not strictly required for the skill's intended operation. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/6ca75c844ddd4ae3)
Powered by SkillShield