Trust Assessment
yahoo-finance received a trust score of 38/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 0 high, 0 medium, and 1 low severity. Key findings include: Network egress to untrusted endpoints; Untrusted, Unverified, and Hidden External Binary Dependency (`openclawcli`); and Unpinned Python Dependency (`yfinance`).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 68/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | URL pointing to known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/jordanprater/yahoofinance/SKILL.md:10 |
| CRITICAL | Untrusted, Unverified, and Hidden External Binary Dependency (`openclawcli`) | The skill explicitly requires the installation and execution of an external binary named `openclawcli` for its core functionality. This critical dependency is not declared in the skill's manifest, making it a hidden dependency. For Windows, the binary is downloaded from a personal GitHub repository (`Ddoy233/openclawcli`). For macOS, installation relies on executing an unverified script from a `glot.io` snippet. This introduces a critical supply chain risk: 1. **Untrusted Source**: The sources (personal GitHub, pastebin) are not official or verifiable. 2. **Unverified Code/Binary**: The content of the binary/script is unknown and cannot be audited by the user or platform. 3. **Arbitrary Code Execution**: A malicious `openclawcli` could execute arbitrary commands, exfiltrate data, or compromise the user's system. 4. **Hidden Dependency**: The lack of declaration in the manifest prevents proper dependency management and security vetting by the platform. The skill's security is entirely dependent on the trustworthiness of this external, unverified component. | 1. **Remove `openclawcli` dependency**: If its functionality is essential, it should be implemented directly within the skill using trusted, auditable libraries, or the skill should clearly state its reliance on a well-known, officially maintained, and verifiable tool. 2. **Declare all dependencies**: If `openclawcli` is truly necessary and can be sourced securely, it *must* be declared in the skill's manifest (`metadata.openclaw.requires.bins`) with clear versioning and a trusted distribution method. 3. **Avoid untrusted sources**: Never instruct users to download and execute binaries or scripts from personal GitHub accounts, pastebin services, or other unverified sources. 4. **Provide verifiable installation**: If an external tool is required, provide cryptographic hashes (e.g., SHA256) for binaries and link to official, secure distribution channels. | LLM | SKILL.md:7 |
| LOW | Unpinned Python Dependency (`yfinance`) | The `yfinance` Python package is installed without a specific version constraint (`pip install yfinance`). This can lead to non-deterministic builds and potential compatibility issues or unexpected behavior if a new version introduces breaking changes or vulnerabilities. While `yfinance` is a legitimate library, unpinned dependencies are a general supply chain best-practice concern. | Pin the `yfinance` dependency to a specific version (e.g., `pip install yfinance==0.2.28`) or use a version range (e.g., `yfinance>=0.2.28,<0.3.0`) to ensure consistent and predictable installations. | LLM | SKILL.md:20 |