Trust Assessment
equity-analyst received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 12 findings: 3 critical, 3 high, 4 medium, and 2 low severity. Key findings include Arbitrary command execution, Dangerous call: subprocess.run(), Suspicious import: requests.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (12)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Arbitrary command execution | Python shell execution (os.system, subprocess). | Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/saebyeok-im/equity-analyst/scripts/daily_popular_report.py:16 |
| CRITICAL | Arbitrary command execution | Python shell execution (os.system, subprocess). | Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/saebyeok-im/equity-analyst/scripts/daily_popular_report.py:210 |
| CRITICAL | Arbitrary command execution | Python shell execution (os.system, subprocess). | Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/saebyeok-im/equity-analyst/scripts/morning_report.py:131 |
| HIGH | Dangerous call: subprocess.run() | Call to 'subprocess.run()' detected in function 'run_cmd'. This can execute arbitrary code. | Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/saebyeok-im/equity-analyst/scripts/daily_popular_report.py:16 |
| HIGH | Dangerous call: subprocess.run() | Call to 'subprocess.run()' detected in function 'analyze_stock_with_script'. This can execute arbitrary code. | Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/saebyeok-im/equity-analyst/scripts/daily_popular_report.py:210 |
| HIGH | Dangerous call: subprocess.run() | Call to 'subprocess.run()' detected in function 'analyze_with_script'. This can execute arbitrary code. | Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/saebyeok-im/equity-analyst/scripts/morning_report.py:131 |
| MEDIUM | Suspicious import: requests | Import of 'requests' detected. This module provides network or low-level system access. Network and system modules in skill code may indicate data exfiltration. | Verify this import is necessary. | Static | skills/saebyeok-im/equity-analyst/scripts/morning_report.py:24 |
| MEDIUM | Suspicious import: requests | Import of 'requests' detected. This module provides network or low-level system access. Network and system modules in skill code may indicate data exfiltration. | Verify this import is necessary. | Static | skills/saebyeok-im/equity-analyst/scripts/scrape_naver.py:19 |
| MEDIUM | Hardcoded Absolute Path for Data Input | The `scripts/quick_report.py` script reads data from a hardcoded absolute path: `C:/Users/IM/.openclaw/workspace/test_morning_report.json`. If an attacker can control the content of this file (e.g., by replacing it with sensitive data or a symlink to another file like `/etc/passwd`), the skill could inadvertently process and potentially exfiltrate this data if it is included in the generated report. Although this is a test script, hardcoding absolute paths outside the skill's own directory creates a specific target for local file system attacks. | Avoid hardcoding absolute paths for data input, especially outside the skill's own directory. Use relative paths, environment variables, or configuration files to specify data locations. Ensure test data is isolated and not susceptible to manipulation. | LLM | scripts/quick_report.py:9 |
| MEDIUM | Hardcoded Absolute Path for Data Output | The `scripts/quick_report.py` script writes its report to a hardcoded absolute path: `C:/Users/IM/.openclaw/workspace/morning_report_output.txt`. If an attacker can control this path (e.g., by creating a symlink to a critical system file), it could lead to arbitrary file writes, potentially corrupting system files or injecting malicious content. Although this is a test script, hardcoding absolute paths outside the skill's own directory creates a specific target for local file system attacks. | Avoid hardcoding absolute paths for data output. Use relative paths, environment variables, or configuration files. Ensure output files are written to secure, non-critical locations. | LLM | scripts/quick_report.py:31 |
| LOW | Unpinned Python Dependencies | The skill's Python scripts (`scripts/scrape_naver.py` and `scripts/morning_report.py`) import external libraries (`requests`, `beautifulsoup4`) without specifying exact versions. This can lead to supply chain risks if a future version of these libraries introduces vulnerabilities or breaking changes, or if a malicious version is installed due to dependency resolution issues. While these are common libraries, best practice dictates pinning dependencies to known good versions. | Pin all external Python dependencies to specific versions (e.g., `requests==2.28.1`, `beautifulsoup4==4.11.1`) in a `requirements.txt` file and ensure installation uses these pinned versions. | LLM | scripts/scrape_naver.py:10 |
| LOW | Unpinned Python Dependencies | The skill's Python scripts (`scripts/scrape_naver.py` and `scripts/morning_report.py`) import external libraries (`requests`, `beautifulsoup4`) without specifying exact versions. This can lead to supply chain risks if a future version of these libraries introduces vulnerabilities or breaking changes, or if a malicious version is installed due to dependency resolution issues. While these are common libraries, best practice dictates pinning dependencies to known good versions. | Pin all external Python dependencies to specific versions (e.g., `requests==2.28.1`, `beautifulsoup4==4.11.1`) in a `requirements.txt` file and ensure installation uses these pinned versions. | LLM | scripts/morning_report.py:14 |
Full report: https://skillshield.io/report/7ab7a2f04644f5d6 (SkillShield)