Security Audit
dkyazzentwatwa/chatgpt-skills:icon-generator
github.com/dkyazzentwatwa/chatgpt-skillsTrust Assessment
dkyazzentwatwa/chatgpt-skills:icon-generator received a trust score of 75/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. Key findings include Unpinned Python dependency version, Arbitrary File Write via Path Traversal in Output Directory, Unpinned Dependency Version Range.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 24, 2026 (commit d4bad335). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Arbitrary File Write via Path Traversal in Output Directory The skill allows users to specify an arbitrary output directory via the `--output-dir` argument in the CLI and the `output_dir` parameter in the `generate_*` methods. The `Path(output_dir).mkdir()` and `img.save(filepath)` calls do not sanitize or validate the provided path, enabling path traversal. An attacker could provide a path like `../../../../tmp/malicious_output` to write generated image files to arbitrary locations on the filesystem, potentially overwriting critical system files, filling up disk space in sensitive directories, or placing files in unexpected locations for further exploitation. Sanitize the `output_dir` parameter to prevent path traversal. Ensure that the output directory is always a subdirectory of a designated, safe base directory (e.g., a temporary directory or a user-specific output folder). This can be achieved by resolving the path and checking if it remains within the allowed base directory, or by disallowing '..' segments in the path. | Static | scripts/icon_generator.py:164 | |
| MEDIUM | Unpinned Python dependency version Requirement 'pillow>=10.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | icon-generator/scripts/requirements.txt:1 | |
| LOW | Unpinned Dependency Version Range The `pillow` dependency is specified with a version range (`>=10.0.0`) rather than an exact version. While this allows for minor updates, it introduces a slight risk that a future patch or minor release of `pillow` could introduce a vulnerability or breaking change that affects the skill's security or functionality. For production environments, pinning to exact versions is generally recommended to ensure reproducibility and stability. Consider pinning the `pillow` dependency to an exact version (e.g., `pillow==10.0.0`) to ensure consistent behavior and security across deployments. If version ranges are necessary, consider using a more restrictive range (e.g., `~=10.0.0` or `==10.*`) and regularly review dependency updates for security advisories. | Static | scripts/requirements.txt:1 |
Scan History
Embed Code
[](https://skillshield.io/report/417ee254d57eb856)
Powered by SkillShield