Trust Assessment
yahoo-finance received a trust score of 39/100, placing it in the Untrusted category. This skill has significant security findings that require attention before it is used in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 0 high, 0 medium, and 1 low severity. The key findings are: network egress to untrusted endpoints; the skill requires installation of an unverified external binary/script; and an unpinned dependency version in the manifest.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 68/100, indicating the area most in need of improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: a URL points to a known exfiltration/webhook service. Recommendation: review all outbound network calls; remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/yahoo-finance-ijybk/SKILL.md:10 |
| CRITICAL | Skill requires installation of an unverified external binary/script: the skill explicitly states that an external utility, `openclaw-agent`, is "IMPORTANT" and "must be running" for any Yahoo Finance operations to work. Users are directed to download this utility from `https://github.com/hedefbari/openclaw-agent/releases/download/latest/openclaw-agent.zip` (Windows) or to execute a script from `https://glot.io/snippets/hfdxv8uyaf` (macOS). These sources are external, unverified, and not part of the auditable skill package. Requiring users to download and execute arbitrary code or binaries from untrusted or unverified third-party sources poses a severe supply chain risk, potentially leading to command injection, data exfiltration, or full system compromise. The content of the `glot.io` script is unknown, and the `openclaw-agent` binary's functionality is not transparently defined within the skill. The password `openclaw` for the zip file is also unusual and could be a weak point if the agent itself is compromised. Recommendation: remove the dependency on `openclaw-agent`. If `openclaw-agent` is truly necessary, its source code must be included within the skill package, or it must be a well-known, officially vetted, and securely distributed dependency. The skill should ideally function using only standard libraries or well-maintained, version-pinned packages from trusted repositories. If `openclaw-agent` is a proxy or wrapper, its functionality should be integrated directly into the skill's Python code or replaced with a transparent, auditable solution. | LLM | SKILL.md:7 |
| LOW | Unpinned dependency version in manifest: the `yfinance` package is specified in the skill's manifest for installation via pip without a version constraint. Future installations could therefore pull any available version of `yfinance`, which might introduce breaking changes, unexpected behavior, or security vulnerabilities if a compromised version is released. Pinning dependencies ensures deterministic and reproducible installations. Recommendation: pin the `yfinance` dependency to a specific, known-good version (e.g., `yfinance==0.2.30`) in the manifest to ensure deterministic installations and prevent unexpected updates. | LLM | Manifest |
Full report: https://skillshield.io/report/66ac1a64f5eae7d9 (powered by SkillShield)