Security Audit
dkyazzentwatwa/chatgpt-skills:classification-helper
github.com/dkyazzentwatwa/chatgpt-skills

Trust Assessment
dkyazzentwatwa/chatgpt-skills:classification-helper received a trust score of 50/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 8 findings: 0 critical, 0 high, 7 medium, and 1 low severity. Key findings include: unpinned Python dependency versions, arbitrary file read via a user-controlled data path, and arbitrary file write via a user-controlled output path.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Dependency Graph layer scored lowest at 65/100, indicating areas for improvement.
Last analyzed on February 24, 2026 (commit d4bad335). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (8)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Unpinned Python dependency version: requirement `scikit-learn>=1.3.0` is not pinned to an exact version. Pin Python dependencies with `==<exact version>`. | Dependencies | classification-helper/scripts/requirements.txt:1 |
| MEDIUM | Unpinned Python dependency version: requirement `pandas>=2.0.0` is not pinned to an exact version. Pin Python dependencies with `==<exact version>`. | Dependencies | classification-helper/scripts/requirements.txt:2 |
| MEDIUM | Unpinned Python dependency version: requirement `numpy>=1.24.0` is not pinned to an exact version. Pin Python dependencies with `==<exact version>`. | Dependencies | classification-helper/scripts/requirements.txt:3 |
| MEDIUM | Unpinned Python dependency version: requirement `matplotlib>=3.7.0` is not pinned to an exact version. Pin Python dependencies with `==<exact version>`. | Dependencies | classification-helper/scripts/requirements.txt:4 |
| MEDIUM | Unpinned Python dependency version: requirement `seaborn>=0.12.0` is not pinned to an exact version. Pin Python dependencies with `==<exact version>`. | Dependencies | classification-helper/scripts/requirements.txt:5 |
| MEDIUM | Arbitrary file read via user-controlled data path: the `classification_helper.py` script reads data from a CSV file specified by the `--data` command-line argument. If an attacker can control this argument, they could instruct the skill to read arbitrary files that the skill's execution environment has access to, leading to data exfiltration. Implement strict validation or sandboxing for user-provided file paths, restrict file access to a designated data directory, and do not accept arbitrary file paths. | LLM | scripts/classification_helper.py:110 |
| MEDIUM | Arbitrary file write via user-controlled output path: the `classification_helper.py` script saves the trained model to a file path specified by the `--output` command-line argument. This lets the skill write a pickled model file to any location the execution environment has write permission to. An attacker could exploit this to overwrite existing files, write to sensitive locations, or exfiltrate data by writing it to an accessible location. Implement strict validation or sandboxing for user-provided file paths, restrict writes to a designated output directory, and do not accept arbitrary file paths. | LLM | scripts/classification_helper.py:95 |
| LOW | Unpinned dependencies in requirements.txt: the `requirements.txt` file specifies dependencies using minimum versions (e.g., `scikit-learn>=1.3.0`) rather than exact versions. This can lead to non-deterministic builds and introduces a supply chain risk, because a future, potentially malicious, version of a dependency could be installed without explicit review. Pin all dependencies to exact versions (e.g., `scikit-learn==1.3.0`) to ensure reproducible builds and mitigate risk from unexpected updates or malicious package versions. Use a lock file (e.g., `pip freeze > requirements.lock`) or a tool such as `pip-tools`. | LLM | scripts/requirements.txt:1 |
Full report: https://skillshield.io/report/33de9b45161b6ab6
Powered by SkillShield