Security Audit

dkyazzentwatwa/chatgpt-skills:blog-post-optimizer

github.com/dkyazzentwatwa/chatgpt-skills

AI SkillCommit d4bad33523ff

CRITICAL

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

dkyazzentwatwa/chatgpt-skills:blog-post-optimizer received a trust score of 36/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.

SkillShield's automated analysis identified 9 findings: 0 critical, 1 high, 7 medium, and 0 low severity. Key findings include Unpinned Python dependency version, Arbitrary File Write via Unsanitized Output Path, Runtime Download of NLTK Data.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Dependency Graph layer scored lowest at 51/100, indicating areas for improvement.

Last analyzed on February 24, 2026 (commit d4bad335). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

85%

Dependency Graph

51%

LLM Behavioral Safety

100%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

1 finding

Shell Execution

2 findings

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings9

Severity	Finding	Layer	Location
HIGH	Arbitrary File Write via Unsanitized Output Path The `export_html_report` function writes an HTML report to a file path specified by the `output_path` argument without any sanitization or validation. If an attacker or a malicious prompt can control this `output_path` (e.g., via CLI arguments or direct function calls), they could specify an arbitrary file path, potentially leading to overwriting critical system files, writing to sensitive directories (e.g., web server roots for XSS, or cron job directories for command execution), or exfiltrating data by writing it to a publicly accessible location. This constitutes an arbitrary file write vulnerability. Implement robust path validation for `output_path`. Ensure the path is normalized, does not contain path traversal sequences (e.g., `..`), and is restricted to a designated, non-sensitive output directory (e.g., a temporary directory or a user-specific output folder). Consider using `pathlib.Path.resolve()` and checking against an allowed base directory.	Static	scripts/blog_post_optimizer.py:409
MEDIUM	Unpinned Python dependency version Requirement 'nltk>=3.8.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	blog-post-optimizer/scripts/requirements.txt:1
MEDIUM	Unpinned Python dependency version Requirement 'textblob>=0.17.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	blog-post-optimizer/scripts/requirements.txt:2
MEDIUM	Unpinned Python dependency version Requirement 'beautifulsoup4>=4.12.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	blog-post-optimizer/scripts/requirements.txt:3
MEDIUM	Unpinned Python dependency version Requirement 'pandas>=2.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	blog-post-optimizer/scripts/requirements.txt:4
MEDIUM	Unpinned Python dependency version Requirement 'matplotlib>=3.7.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	blog-post-optimizer/scripts/requirements.txt:5
MEDIUM	Unpinned Python dependency version Requirement 'reportlab>=4.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	blog-post-optimizer/scripts/requirements.txt:6
MEDIUM	Unpinned Python dependency version Requirement 'lxml>=4.9.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	blog-post-optimizer/scripts/requirements.txt:7
INFO	Runtime Download of NLTK Data The skill attempts to download NLTK 'punkt' tokenizer data at runtime if it's not found locally. While NLTK is a reputable library, downloading external resources during execution introduces a dependency on the availability and integrity of NLTK's data servers. In a highly controlled environment, this could be considered an external network dependency that might be blocked or, in a worst-case scenario, a vector for compromised data if NLTK's data servers were ever maliciously altered. For production deployments or environments with strict network policies, it is recommended to pre-download and bundle all necessary NLTK data with the skill package. This eliminates runtime external dependencies and ensures consistent behavior and data integrity.	Static	scripts/blog_post_optimizer.py:59

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/f801bdc401f81c77.svg)](https://skillshield.io/report/f801bdc401f81c77)