Trust Assessment
trading-coach received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. The findings are: "Skill relies on external, unvetted GitHub repository", "Installation of unpinned Python dependencies from `requirements.txt`", and "Skill processes sensitive financial data with unvetted external code".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Skill relies on external, unvetted GitHub repository.** The skill's setup instructions direct users to clone an external GitHub repository (`https://github.com/BENZEMA216/tradingcoach.git`). This introduces a significant supply chain risk. The integrity and security of this external repository are outside the control of the skill's package. If the repository is compromised or contains malicious code, any user following these setup instructions could have their system compromised. For an AI agent skill, this means the skill's functionality is entirely dependent on external code that is not part of the audited skill package. For AI agent skills, it is generally recommended to include all necessary code directly within the skill package or use well-established, audited libraries. If external dependencies are unavoidable, implement robust vetting processes for the external repository, including regular security audits and code reviews. Users should be explicitly warned about the risks of executing code from external sources. | LLM | SKILL.md:24 |
| HIGH | **Skill processes sensitive financial data with unvetted external code.** The primary function of this skill is to process user-provided "trading CSVs," which inherently contain highly sensitive financial transaction data. Given the identified supply chain risks (reliance on an external GitHub repository and unpinned Python dependencies), there is a significant and credible risk that malicious code, if present in these external components, could be designed to exfiltrate this sensitive user data. This risk is amplified by the nature of the data being processed. Implement robust security measures for handling sensitive data, including data encryption, access controls, and strict logging. Conduct thorough security audits of all code, especially external dependencies, to ensure no data exfiltration vectors exist. Provide clear data privacy policies and obtain explicit user consent for data processing. Consider sandboxing the execution environment for data processing tasks. | LLM | SKILL.md:32 |
| MEDIUM | **Installation of unpinned Python dependencies from `requirements.txt`.** The skill's setup instructions include `pip install -r requirements.txt`. Without specific version pinning (e.g., `package==1.2.3`) for all dependencies in `requirements.txt`, this practice can lead to several supply chain vulnerabilities: 1. **Vulnerable Versions**: Users might inadvertently install older, vulnerable versions of packages. 2. **Breaking Changes**: Newer, incompatible versions could break the skill's functionality. 3. **Typosquatting/Malicious Packages**: If a dependency name is misspelled or a malicious package with a similar name is published, `pip` could install the wrong package. The content of `requirements.txt` is not provided, so the exact risk cannot be fully assessed, but the general practice is risky. All dependencies in `requirements.txt` should be explicitly pinned to exact versions (e.g., `package==X.Y.Z`). Use a dependency management tool that generates lock files (e.g., `pip-tools`, Poetry, PDM) to ensure reproducible and secure installations. Regularly audit dependencies for known vulnerabilities using tools like `pip-audit` or Snyk. | LLM | SKILL.md:28 |