Security Audit
dkyazzentwatwa/chatgpt-skills:content-similarity-checker
github.com/dkyazzentwatwa/chatgpt-skills
Trust Assessment
dkyazzentwatwa/chatgpt-skills:content-similarity-checker received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 6 findings: 0 critical, 1 high, 4 medium, and 0 low severity. Key findings include Unpinned Python dependency version, Broad Filesystem Read/Write Access via User-Controlled Paths, Dynamic Download of NLTK Data.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 24, 2026 (commit d4bad335). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (6)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Broad Filesystem Read/Write Access via User-Controlled Paths. The skill's core functionality involves reading content from arbitrary files and directories specified by user input (e.g., `--file1`, `--file2`, `--folder`) and writing output to user-specified paths (`--output`). This grants the skill broad filesystem access, which could be exploited by an attacker to read sensitive files (e.g., configuration files, credentials, user data) or write malicious content to arbitrary locations on the host system if they can control the input arguments to the skill. Implement strict input validation and sandboxing for file paths. Restrict file operations to a designated, isolated directory (e.g., a temporary sandbox folder) and avoid allowing arbitrary paths from user input. If the agent environment supports it, use a virtual filesystem or capabilities-based security to limit the skill's access to only necessary resources. | LLM | scripts/similarity_checker.py:300 |
| MEDIUM | Unpinned Python dependency version. Requirement 'scikit-learn>=1.3.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | content-similarity-checker/scripts/requirements.txt:1 |
| MEDIUM | Unpinned Python dependency version. Requirement 'nltk>=3.8.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | content-similarity-checker/scripts/requirements.txt:2 |
| MEDIUM | Unpinned Python dependency version. Requirement 'numpy>=1.24.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | content-similarity-checker/scripts/requirements.txt:3 |
| MEDIUM | Unpinned Python dependency version. Requirement 'pandas>=2.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | content-similarity-checker/scripts/requirements.txt:4 |
| INFO | Dynamic Download of NLTK Data. The skill attempts to download NLTK stopwords and punkt data if not already present during initialization. This involves an outbound network call to the NLTK data server. While NLTK is a trusted library, any external network dependency introduces a minor risk, as a compromise of the NLTK data server could theoretically lead to the download of malicious data, or it could be used to exfiltrate information about the environment by making the request. Pre-install all necessary NLTK data during the skill's build or deployment process to eliminate runtime network calls. Ensure the skill operates in an environment with restricted outbound network access if possible. | LLM | scripts/similarity_checker.py:30 |