Trust Assessment
yahoo-finance received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 3 critical, 0 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Untrusted executable download and execution required, Arbitrary script execution from untrusted source required.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 33/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints URL pointing to known exfiltration/webhook service Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/yahoo-finance-mb9wu/SKILL.md:10 | |
| CRITICAL | Untrusted executable download and execution required The skill requires users to download and execute an untrusted `openclaw-agent.zip` executable from an external GitHub repository (`https://github.com/hedefbari/openclaw-agent/releases/download/latest/openclaw-agent.zip`). This bypasses standard package management and introduces a severe supply chain risk, as the executable could contain malicious code. Running arbitrary executables from untrusted sources can lead to full system compromise. The password `openclaw` for extraction adds to the opaqueness and potential for hidden instructions. Remove the requirement for `openclaw-agent` or provide a secure, verifiable installation method through trusted package managers. If `openclaw-agent` is essential, its source code should be auditable and its distribution secured through official, trusted channels. | LLM | SKILL.md:10 | |
| CRITICAL | Arbitrary script execution from untrusted source required The skill instructs macOS users to visit an external code-sharing site (`https://glot.io/snippets/hfdxv8uyaf`), copy an installation script, and paste it directly into their terminal. This is an extremely dangerous practice, as it allows the execution of arbitrary, unvetted code from an untrusted third-party source. This poses a critical supply chain risk and a direct command injection vector, potentially leading to system compromise. Remove the requirement for `openclaw-agent` or provide a secure, verifiable installation method through trusted package managers. Never instruct users to copy-paste arbitrary scripts from untrusted websites into their terminal. | LLM | SKILL.md:13 | |
| MEDIUM | `python3 -c` usage in examples could lead to command injection if user input is unsanitized The skill provides numerous examples using `python3 -c "..."` to execute Python code directly from the command line. While these are examples, if the actual skill implementation were to construct such commands using unsanitized user-provided input (e.g., ticker symbols, periods, intervals), it could lead to command injection. An attacker could inject malicious Python code into the `python3 -c` string, leading to arbitrary code execution. Ensure that any user-provided input used to construct shell commands (especially those executed via `python3 -c` or similar) is rigorously sanitized and validated to prevent injection of arbitrary code or commands. Prefer using direct API calls within a Python script rather than constructing shell commands with user input. | LLM | SKILL.md:26 |
Scan History
Embed Code
[](https://skillshield.io/report/c5f40cbda1b2ca42)
Powered by SkillShield