Trust Assessment
expansion-retention received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Persona manipulation via untrusted input.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 81e7e0dd). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Persona manipulation via untrusted input The untrusted `SKILL.md` attempts to define the LLM's persona and role ('You are a GTM strategist specializing in post-sale revenue growth...'). This is a direct instruction to the host LLM from untrusted content, which can lead to the LLM adopting an unintended persona or behavior, overriding its system-defined role. Remove or ignore persona-defining instructions within untrusted content. The LLM's persona should be defined by the system prompt, not by user-provided skill content. | LLM | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/9a26a1998d17ae8c)
Powered by SkillShield