Security Audit
dkyazzentwatwa/chatgpt-skills:clustering-analyzer
github.com/dkyazzentwatwa/chatgpt-skills
Trust Assessment
dkyazzentwatwa/chatgpt-skills:clustering-analyzer received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 0 critical, 2 high, 5 medium, and 0 low severity. Key findings include Unpinned Python dependency version, Arbitrary File Read via `load_csv`, Arbitrary File Write via `save_labeled` and Plotting Functions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Dependency Graph layer scored lowest at 65/100, indicating areas for improvement.
Last analyzed on February 24, 2026 (commit d4bad335). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (7)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File Read via `load_csv`: The `load_csv` method in `ClusteringAnalyzer` directly uses the provided `filepath` argument with `pd.read_csv`. This allows an attacker to specify an arbitrary file path on the system, potentially leading to the reading of sensitive files (e.g., `/etc/passwd`, `~/.ssh/id_rsa`). While the skill expects CSV data, the attempt to read any file path is a significant risk. If a sensitive file is successfully parsed as CSV, its contents could be processed and potentially leaked through the skill's output (e.g., cluster statistics, labels). Implement strict path validation and sandboxing for `filepath` arguments. Restrict file access to a designated, isolated directory. Prevent directory traversal (e.g., `../`) and absolute paths outside the sandbox. Consider if direct file path input is necessary, or if data should be passed as a string or DataFrame directly to the skill. | Static | scripts/clustering_analyzer.py:39 |
| HIGH | Arbitrary File Write via `save_labeled` and Plotting Functions: The `save_labeled`, `plot_clusters`, `elbow_plot`, `plot_dendrogram`, and `plot_silhouette` methods allow writing data or images to arbitrary file paths specified by the `output` argument. An attacker could exploit this to overwrite critical system files, write sensitive processed data to an accessible location, or fill up disk space. This grants excessive write permissions to the skill. Implement strict path validation and sandboxing for `output` arguments. Restrict file writing to a designated, isolated output directory. Prevent directory traversal (e.g., `../`) and absolute paths outside the sandbox. Ensure that any data written is not sensitive or that the output location is secure and ephemeral. | Static | scripts/clustering_analyzer.py:340 |
| MEDIUM | Unpinned Python dependency version: Requirement 'scikit-learn>=1.3.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | clustering-analyzer/scripts/requirements.txt:1 |
| MEDIUM | Unpinned Python dependency version: Requirement 'pandas>=2.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | clustering-analyzer/scripts/requirements.txt:2 |
| MEDIUM | Unpinned Python dependency version: Requirement 'numpy>=1.24.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | clustering-analyzer/scripts/requirements.txt:3 |
| MEDIUM | Unpinned Python dependency version: Requirement 'matplotlib>=3.7.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | clustering-analyzer/scripts/requirements.txt:4 |
| MEDIUM | Unpinned Python dependency version: Requirement 'scipy>=1.10.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | clustering-analyzer/scripts/requirements.txt:5 |