Trust Assessment
price-monitor-fr received a trust score of 51/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 1 critical, 2 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Suspicious import: urllib.request", and "Arbitrary File Deletion via Path Traversal in Product ID".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Arbitrary File Deletion via Path Traversal in Product ID.** The `remove` command takes a `product_id` from user input and uses it directly to construct a file path for deletion (`os.remove(_history_path(product_id))`). An attacker can provide a `product_id` containing path traversal sequences (e.g., `../../../../etc/passwd`) to delete arbitrary files on the system, leading to severe system compromise or denial of service. Validate the `product_id` to ensure it is a valid UUID hex string before using it in file path operations. Alternatively, sanitize the input to remove any path traversal sequences (e.g., `..`, `/`) or use a more robust file system access control mechanism. | LLM | scripts/monitor.py:305 |
| HIGH | **Arbitrary File Read via Path Traversal in Product ID.** The `history` command takes a `product_id` from user input and uses it directly to construct a file path for reading (`_load_history(product_id)`, which calls `_load_json(_history_path(product_id))`). An attacker can provide a `product_id` containing path traversal sequences (e.g., `../../../../etc/passwd`) to read the content of arbitrary files on the system, leading to data exfiltration. Validate the `product_id` to ensure it is a valid UUID hex string before using it in file path operations. Alternatively, sanitize the input to remove any path traversal sequences (e.g., `..`, `/`) or use a more robust file system access control mechanism. | LLM | scripts/monitor.py:310 |
| HIGH | **Local File Disclosure via URL Fetching.** The `add` command accepts a URL from user input, which is then fetched using `urllib.request.urlopen`. The `urlopen` function supports the `file://` scheme. An attacker could provide a `file:///path/to/sensitive/file` URL, causing the skill to read the content of local files. Although the script attempts to parse the content as HTML, it could still expose raw file content if parsing fails or if the content is simple text, leading to data exfiltration. Implement strict URL validation to only allow HTTP/HTTPS schemes for product URLs. Reject any URLs using `file://` or other potentially dangerous schemes. Consider using a dedicated library for URL validation that can enforce scheme restrictions. | LLM | scripts/monitor.py:196 |
| MEDIUM | **Missing required field: name.** The `name` field is required for claude_code skills but is missing from the frontmatter. Add a `name` field to the SKILL.md frontmatter. | Static | skills/hugosbl/price-monitor-fr/SKILL.md:1 |
| MEDIUM | **Suspicious import: urllib.request.** Import of `urllib.request` detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/hugosbl/price-monitor-fr/scripts/monitor.py:15 |