Trust Assessment
co2-carbon-footprint received a trust score of 60/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Arbitrary File Write via Unsanitized Path", and "Data Exfiltration via Arbitrary File Write".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Arbitrary File Write via Unsanitized Path | The `export_results` function takes an `output_path` argument directly from user input and uses it to create an Excel file using `pd.ExcelWriter`. This allows an attacker to specify an arbitrary file path, potentially overwriting critical system files (e.g., `/etc/passwd`, `/root/.ssh/authorized_keys`) or writing to sensitive directories outside the intended scope. This can lead to denial of service, privilege escalation, or data tampering. | Implement robust path validation and sanitization for `output_path`. Ensure the path is normalized, does not contain directory traversal sequences (e.g., `../`), and is restricted to a designated, sandboxed output directory. Consider using a temporary file or a dedicated output directory managed by the skill's execution environment. | LLM | SKILL.md:261 |
| HIGH | Data Exfiltration via Arbitrary File Write | The `export_results` function writes processed carbon footprint data to an Excel file at a user-specified `output_path`. If an attacker can control this path, they could direct the skill to write potentially sensitive calculation results (e.g., project-specific carbon data) to an attacker-controlled location on the file system, or to a publicly accessible web server directory, leading to data exfiltration. | As with arbitrary file write, restrict `output_path` to a secure, sandboxed directory. Ensure that any data written is appropriate for the intended audience and that the output location cannot be manipulated to expose data externally. | LLM | SKILL.md:261 |
| MEDIUM | Missing required field: name | The `name` field is required for claude_code skills but is missing from the frontmatter. | Add a `name` field to the SKILL.md frontmatter. | Static | skills/datadrivenconstruction/co2-carbon-footprint/SKILL.md:1 |
| MEDIUM | Unpinned Dependency: pandas | The skill implicitly depends on the `pandas` library, as indicated by `import pandas as pd`. However, the provided context does not specify a version for this dependency. Using unpinned dependencies can introduce supply chain risks, as future updates to `pandas` (or its sub-dependencies like `openpyxl`) could introduce breaking changes, vulnerabilities, or even malicious code without explicit review. | Specify exact versions for all direct and indirect dependencies in a `requirements.txt` or similar dependency manifest. Regularly review and update dependencies to mitigate known vulnerabilities while maintaining version control. | LLM | SKILL.md:19 |
Full report: https://skillshield.io/report/488ba5199ece3e96