Skill Trust Decision

Etf

Documentation claims ETF analysis functionality but code implements only a generic local logger with no financial analysis features.

Install decision first
Source: Manual upload
Scanned: Apr 4, 2026
Files 2
Artifacts 3
Violations 1
Findings 3

Why this conclusion was reached

2/4 dimensions flagged
Block
Declared vs actual capability

1 undeclared or violating capability was inferred.

Review
Hidden execution and egress

3 lower-risk artifacts were extracted and still need context.

Block
Attack chain and severe findings

The report includes 0 attack-chain steps and 1 severe finding.

Review
Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

What drove the risk score up

Doc-to-code mismatch +25

SKILL.md advertises ETF analysis tools but script.sh contains only generic logging commands with no ETF logic

Undeclared filesystem access +15

Skill declares NONE for filesystem but script writes to ~/.local/share/etf/

Generic command pattern suspicious +5

Commands (run, check, convert, analyze) are generic placeholders with no actual functionality

Most important evidence

High Doc Mismatch

False documentation - no ETF functionality exists

SKILL.md describes an 'ETF holdings analyzer' for 'screening ETFs, comparing ratios, and tracking allocations' but scripts/script.sh contains only generic local logging commands. There is zero ETF-specific logic, financial data fetching, or market analysis code.

SKILL.md:1
Verify if this skill was mislabeled or if malicious code was injected into a legitimate tool.

Medium Priv Escalation

Undeclared filesystem WRITE permission

The skill declares filesystem:NONE but the script creates and writes to ~/.local/share/etf/ directory for persistent storage.

scripts/script.sh:9
Update SKILL.md to declare filesystem:WRITE permission for the etf data directory.

Low Data Exfil

Local data persistence with no encryption

All user inputs to commands are logged in plaintext to log files in ~/.local/share/etf/. While marked 'offline', this creates a local data store that could be accessed by other processes.

scripts/script.sh:58
Consider documenting data retention policies and adding encryption if sensitive data may be processed.

Declared capability vs actual capability

Filesystem · Block · Declared NONE · Inferred WRITE · scripts/script.sh:9 mkdir -p "$DATA_DIR"
Network · Pass · Declared NONE · Inferred NONE · No network calls found
Shell · Pass · Declared NONE · Inferred NONE · No subprocess/eval calls
Environment · Pass · Declared NONE · Inferred NONE · No env access except DATA_DIR path

Suspicious artifacts and egress

Medium External URL
https://bytesagain.com

SKILL.md:6

Medium External URL
https://bytesagain.com/feedback/

SKILL.md:98

Info Email
[email protected]

SKILL.md:101

Dependencies and supply chain

There are no structured dependency warnings.

File composition

2 files · 414 lines
Shell 1 file · 313 lines
Markdown 1 file · 101 lines
Files of concern · 2
scripts/script.sh Shell · 313 lines
Undeclared filesystem WRITE permission · Local data persistence with no encryption
SKILL.md Markdown · 101 lines
False documentation - no ETF functionality exists · https://bytesagain.com · https://bytesagain.com/feedback/ · [email protected]

Security positives

No network requests or external communications detected
No credential harvesting or environment variable enumeration
No base64 encoding or obfuscated commands
No remote script execution (curl|bash, wget|sh)
No subprocess or shell execution capabilities
Works entirely offline as documented
No supply chain dependencies or external packages