data-analysis-partner

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches its data-reporting purpose, but a crafted CSV or Excel file could inject HTML or script into the generated report, and that content would run in the browser when the report is opened or shared.

Install only if you trust the datasets you will analyze or can inspect the generated HTML before opening/sharing it. Avoid using untrusted CSV/Excel files until the skill escapes report content, and consider using pinned dependencies plus an offline ECharts bundle for sensitive data.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malicious or untrusted spreadsheet could make the generated report run unexpected browser JavaScript, especially risky if the report is opened locally or sent to other people.

Why it was flagged

Column names and sample values from the analyzed dataset are inserted directly into the generated HTML report. If a CSV/Excel file contains HTML or script-like values, those values could become executable markup when the report is opened.

Skill content
    <td><code>${c.name}</code></td>
    ...
    <td class="sample-vals">${c.sample.join(" / ")}</td>
Recommendation

Escape all data-derived strings before placing them in HTML, safely serialize chart data for script blocks, and treat reports generated from untrusted datasets as unsafe until this is fixed.

What this means

The skill can process local files you point it at and write report files to the chosen output directory.

Why it was flagged

The skill needs to read the selected dataset, write an HTML report, and invoke Python. These permissions are aligned with the stated purpose, but they are meaningful local-environment capabilities.

Skill content
    "permissions": [
      "files:read",
      "files:write",
      "shell:python3"
    ]
Recommendation

Only provide intended CSV/Excel paths, review the output directory, and avoid using the skill on sensitive datasets unless you trust how the generated reports will be handled.

What this means

Opening reports may contact jsDelivr, and dependency installation depends on the current packages served by PyPI.

Why it was flagged

The skill relies on unpinned Python dependencies for setup and loads ECharts from a public CDN when the report is opened. Both are disclosed and purpose-aligned, but they introduce third-party dependency trust.

Skill content
    ~/.openclaw/skills/data-analysis-partner/.venv/bin/pip install pandas numpy openpyxl xlrd
    ...
    <script src="https://cdn.jsdelivr.net/npm/echarts@5/dist/echarts.min.js"></script>
Recommendation

Use a trusted Python environment, consider pinned dependency versions, and prefer a bundled/offline ECharts file for sensitive or offline reports.