Trust Assessment
hugging-face-paper-publisher received a trust score of 63/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include "Suspicious import: requests" and "Arbitrary File Write via User-Controlled Output Path".
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, static_code_analysis, dependency_graph. The static_code_analysis layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 11, 2026 (commit 3f4f55d6). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File Write via User-Controlled Output Path: The `_create_research_article` and `_convert_markdown_to_html` functions in `scripts/paper_manager.py` allow users to specify an arbitrary `output` file path. An attacker could exploit this by providing a path to a sensitive system file (e.g., `/etc/passwd`, `~/.bashrc`) to overwrite or create it with arbitrary content, leading to denial of service, privilege escalation, or other system compromises. Restrict output file paths to a designated safe directory (e.g., a temporary directory or a subdirectory within the skill's workspace). Validate and sanitize user-provided paths to prevent directory traversal attacks (e.g., using `pathlib.Path.resolve()` and checking against an allowed base directory). | Unknown | scripts/paper_manager.py:410 |
| HIGH | Arbitrary File Write via User-Controlled Output Path: The `_create_research_article` and `_convert_markdown_to_html` functions in `scripts/paper_manager.py` allow users to specify an arbitrary `output` file path. An attacker could exploit this by providing a path to a sensitive system file (e.g., `/etc/passwd`, `~/.bashrc`) to overwrite or create it with arbitrary content, leading to denial of service, privilege escalation, or other system compromises. Restrict output file paths to a designated safe directory (e.g., a temporary directory or a subdirectory within the skill's workspace). Validate and sanitize user-provided paths to prevent directory traversal attacks (e.g., using `pathlib.Path.resolve()` and checking against an allowed base directory). | Unknown | scripts/paper_manager.py:460 |
| MEDIUM | Suspicious import: requests: Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Unknown | /var/folders/1k/67b8r20n777f_xcmmm8b7m5h0000gn/T/skillscan-clone-iv40fem2/repo/skills/hugging-face-paper-publisher/scripts/paper_manager.py:28 |