Trust Assessment
simmer-tradejournal received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Suspicious import: urllib.request, Arbitrary File Write via --export Argument.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Arbitrary File Write via --export Argument The skill allows users to specify an arbitrary file path for exporting trade data using the `--export` command-line argument. The `export_trades` function directly uses this user-provided path to create and write a CSV file. This could allow an attacker to write data to sensitive system files, overwrite existing files, or write to directories outside the skill's intended scope, potentially leading to data corruption, denial of service, or information disclosure if data is written to a publicly accessible location. Restrict the `--export` argument to only allow writing within a designated, sandboxed data directory. Validate the provided filename to prevent directory traversal (e.g., `../`, `/`) and ensure it does not point to sensitive system paths. A safer approach would be to only accept a filename and prepend a secure, skill-controlled output directory to it. | LLM | tradejournal.py:520 | |
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/adlai88/simmer-tradejournal/tradejournal.py:537 | |
| MEDIUM | Suspicious import: urllib.request Import of 'urllib.request' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/adlai88/simmer-tradejournal/tradejournal.py:29 |
Scan History
Embed Code
[](https://skillshield.io/report/9c33d1ae538bf258)
Powered by SkillShield