Security Audit

dkyazzentwatwa/chatgpt-skills:data-storyteller

github.com/dkyazzentwatwa/chatgpt-skills

AI SkillCommit d4bad33523ff

CRITICAL

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

dkyazzentwatwa/chatgpt-skills:data-storyteller received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.

SkillShield's automated analysis identified 9 findings: 1 critical, 1 high, 7 medium, and 0 low severity. Key findings include Unpinned Python dependency version, Arbitrary File Read via User-Controlled Path, Arbitrary File Write via User-Controlled Output Path.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Dependency Graph layer scored lowest at 51/100, indicating areas for improvement.

Last analyzed on February 24, 2026 (commit d4bad335). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

55%

Dependency Graph

51%

LLM Behavioral Safety

100%

Behavioral Risk Signals

Filesystem Write

2 findings

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings9

Severity	Finding	Layer	Location
CRITICAL	Arbitrary File Write via User-Controlled Output Path The `export_pdf`, `export_html`, and `export_charts` methods allow writing files to arbitrary locations on the filesystem. The `output_path` (or `output_dir`) argument is directly used in `reportlab.platypus.SimpleDocTemplate()`, Python's built-in `open()`, and `pathlib.Path.mkdir()`. An attacker can provide a path like `/etc/cron.d/malicious_job` or `../../../../var/www/html/shell.php` to overwrite sensitive system files, create malicious cron jobs, or upload web shells, potentially leading to remote code execution or system compromise. Implement strict path validation and sanitization. Ensure that all output paths are restricted to a designated, sandboxed output directory. Prevent path traversal sequences (e.g., `..`) and absolute paths. Consider generating a unique, temporary filename within a secure directory for all outputs.	Static	scripts/data_storyteller.py:400
HIGH	Arbitrary File Read via User-Controlled Path The `_load_file` method directly uses a user-provided file path (passed as the `data` argument to the `DataStoryteller` constructor) to read data. An attacker can supply a path like `/etc/passwd` or `../../../../sensitive_data.txt` to read arbitrary files from the filesystem, leading to data exfiltration or unauthorized access to system files. The `open(path, 'r')` call for delimiter detection and subsequent `pandas.read_*` calls are vulnerable. Implement strict path validation and sanitization. Ensure that the provided `path` is within an allowed, designated data directory and does not contain path traversal sequences (e.g., `..`). Consider using a sandboxed environment or a dedicated file storage service for input files.	Static	scripts/data_storyteller.py:96
MEDIUM	Unpinned Python dependency version Requirement 'pandas>=2.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	data-storyteller/scripts/requirements.txt:1
MEDIUM	Unpinned Python dependency version Requirement 'numpy>=1.24.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	data-storyteller/scripts/requirements.txt:2
MEDIUM	Unpinned Python dependency version Requirement 'matplotlib>=3.7.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	data-storyteller/scripts/requirements.txt:3
MEDIUM	Unpinned Python dependency version Requirement 'seaborn>=0.12.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	data-storyteller/scripts/requirements.txt:4
MEDIUM	Unpinned Python dependency version Requirement 'scipy>=1.10.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	data-storyteller/scripts/requirements.txt:5
MEDIUM	Unpinned Python dependency version Requirement 'reportlab>=4.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	data-storyteller/scripts/requirements.txt:6
MEDIUM	Unpinned Python dependency version Requirement 'openpyxl>=3.1.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'.	Dependencies	data-storyteller/scripts/requirements.txt:7

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/0c4d5c00d883b330.svg)](https://skillshield.io/report/0c4d5c00d883b330)