Security Audit
dkyazzentwatwa/chatgpt-skills:financial-calculator
github.com/dkyazzentwatwa/chatgpt-skillsTrust Assessment
dkyazzentwatwa/chatgpt-skills:financial-calculator received a trust score of 36/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 0 critical, 2 high, 5 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Unpinned Python dependency version, Path Traversal in File Export/Plot Functions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Dependency Graph layer scored lowest at 65/100, indicating areas for improvement.
Last analyzed on February 24, 2026 (commit d4bad335). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings7
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | financial-calculator/scripts/financial_calc.py:4 | |
| HIGH | Path Traversal in File Export/Plot Functions The skill's file export and plotting functions (`export_amortization`, `export_simulation`, `export_json`, `plot_amortization`, `plot_investment_growth`, `plot_monte_carlo`, `plot_comparison`) directly use the `filename` argument provided by the user without proper sanitization. This allows an attacker to specify arbitrary file paths, potentially writing files to unintended locations on the filesystem. This could lead to overwriting critical system files (Denial of Service), writing to publicly accessible directories (Information Disclosure), or even writing malicious scripts that could be executed (Remote Code Execution if combined with other vulnerabilities). The `Path(filename).parent.mkdir()` call also creates directories based on unsanitized input, exacerbating the risk. Sanitize all `filename` arguments in file export and plotting functions. Ensure that files are written only within a designated, sandboxed output directory. A common approach is to extract only the base filename from the user input (e.g., `Path(output_dir) / Path(filename).name`) and validate that the resulting path is within the allowed output directory. | LLM | scripts/financial_calc.py:299 | |
| MEDIUM | Unpinned Python dependency version Requirement 'numpy>=1.24.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | financial-calculator/scripts/requirements.txt:1 | |
| MEDIUM | Unpinned Python dependency version Requirement 'numpy-financial>=1.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | financial-calculator/scripts/requirements.txt:2 | |
| MEDIUM | Unpinned Python dependency version Requirement 'pandas>=2.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | financial-calculator/scripts/requirements.txt:3 | |
| MEDIUM | Unpinned Python dependency version Requirement 'matplotlib>=3.7.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | financial-calculator/scripts/requirements.txt:4 | |
| MEDIUM | Unpinned Python dependency version Requirement 'scipy>=1.10.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | financial-calculator/scripts/requirements.txt:5 |
Scan History
Embed Code
[](https://skillshield.io/report/c3b00ac6ff3a2b57)
Powered by SkillShield