Security Audit

wiki-architect

github.com/sickn33/antigravity-awesome-skills

AI SkillCommit e36d6fd3b3f6

TRUSTED

Scanned 3 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

wiki-architect received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill processes and includes repository file contents in output.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

93%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Security Findings1

Severity	Finding	Layer	Location
MEDIUM	Skill processes and includes repository file contents in output The skill is designed to read and process the entire repository file tree and include references to specific files and their content in its generated documentation. This means that any sensitive information present in the user's codebase (e.g., API keys, PII, internal secrets, proprietary algorithms) could be extracted and presented within the generated wiki, potentially exposing it if the output is not handled securely. The skill does not specify any mechanisms for filtering or redacting sensitive data. Implement explicit filtering or redaction rules for common sensitive data patterns (e.g., API keys, passwords, PII) before including content in the output. Provide clear warnings to the user about the potential for sensitive data exposure and advise them to review the generated documentation carefully. Consider allowing users to define exclusion patterns for files or directories that should not be scanned or included in the documentation.	LLM	SKILL.md:18

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/e210cc03b8dcc306.svg)](https://skillshield.io/report/e210cc03b8dcc306)