Trust Assessment
bybit-orderbook-backtester received a trust score of 64/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, XPath Injection via unsanitized symbol in Selenium script, Use of `--break-system-packages` in pip installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remediation: remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/davidm413/bybit-order-book/backtest.py:612 |
| HIGH | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remediation: remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/davidm413/bybit-order-book/backtest.py:623 |
| MEDIUM | XPath Injection via unsanitized symbol in Selenium script: the `download_orderbook.py` script uses the `--symbol` command-line argument directly within XPath expressions in the `select_dropdown_option` function. The `SKILL.md` indicates that the user will be prompted for this symbol. If a malicious user provides a crafted string (e.g., `BTCUSDT'] \| //*[@id='malicious_element']`), it could lead to XPath injection, allowing manipulation of the browser's interaction with the ByBit website, potentially clicking unintended elements or extracting information. Remediation: sanitize the user-provided `symbol` before using it in XPath expressions. For example, escape single quotes or use parameterized XPath queries if the Selenium API supports it, or validate the input against a whitelist of allowed symbols. | LLM | download_orderbook.py:250 |
| INFO | Use of `--break-system-packages` in pip installation: the `SKILL.md` instructs users to install dependencies using `pip install ... --break-system-packages`. While this flag is sometimes necessary, it can lead to system-wide dependency conflicts and is generally discouraged for isolated skill environments. It bypasses Python's PEP 668 protection, potentially corrupting the system Python installation. Remediation: install dependencies in a virtual environment (e.g., `venv`) to isolate them from the system Python installation, or remove the `--break-system-packages` flag if it is not strictly necessary. | LLM | SKILL.md:8 |
Full report: https://skillshield.io/report/4abefd908512293c