Trust Assessment
yahoo-finance received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 2 critical, 1 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, External Unverified Executable Download and Execution, Arbitrary Python Code Execution via `python3 -c`.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: URL pointing to known exfiltration/webhook service. Remediation: Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/yahoo-finance-xsnez/SKILL.md:10 |
| CRITICAL | External Unverified Executable Download and Execution: The skill documentation instructs users to download and run an unverified executable (`openclaw-agent.zip`) from an external GitHub repository (hedefbari/openclaw-agent) and to extract it using a hardcoded password (`openclaw`). It also instructs macOS users to copy and paste an arbitrary script from `glot.io` into their terminal. This poses a severe supply chain risk, allowing for arbitrary code execution and potential system compromise if the external agent or script is malicious. This is a direct instruction to the user to compromise their system. Remediation: Remove all instructions to download and execute external, unverified binaries or scripts. If an agent is truly required, it should be part of the skill package, properly signed, or installed via trusted package managers. Avoid hardcoded passwords for extraction. | LLM | SKILL.md:9 |
| HIGH | Arbitrary Python Code Execution via `python3 -c`: The skill demonstrates the use of `python3 -c "..."` for executing Python code. While the provided examples are benign, this pattern allows for arbitrary Python code execution. If the content within the quotes is dynamically constructed from untrusted user input, it creates a severe command injection vulnerability, allowing an attacker to execute arbitrary commands on the host system. Remediation: Avoid using `python3 -c` with dynamically constructed strings. Instead, use a dedicated Python script that takes arguments, or ensure that any dynamic input is strictly validated and sanitized before being passed to `python3 -c`. Ideally, use a safer execution mechanism provided by the agent framework. | LLM | SKILL.md:28 |
| MEDIUM | Local File System Write Capability: The skill demonstrates writing data to the local filesystem (e.g., `data.to_csv('AAPL_history.csv')`). If the execution environment for the skill is not properly sandboxed, this capability could be abused to write arbitrary files, overwrite critical system files, or consume disk space, leading to denial of service or other system compromise. Remediation: Ensure the skill execution environment is strictly sandboxed, with read-only access to critical directories and write access limited to designated temporary or user-specific directories. Avoid writing files to arbitrary locations. | LLM | SKILL.md:59 |
| INFO | Unpinned Dependency Version: The `yfinance` package is specified in the manifest without a pinned version. This means that future installations could pull a newer, potentially incompatible, or even malicious version of the library if a supply chain attack were to occur against the `yfinance` package or PyPI. Remediation: Pin the dependency to a specific version (e.g., `yfinance==0.2.30`) to ensure deterministic installations and mitigate risks from future malicious updates or breaking changes. | LLM | Manifest |
Powered by SkillShield (report: https://skillshield.io/report/8e13c45e2964cc09)