Data Analyst skill

Security checks across malware telemetry and agentic risk

Overview

This is a local data-analysis skill that reads user-selected datasets and creates reports; its risks are mainly privacy and output-handling cautions, not hidden or malicious behavior.

Install only if you are comfortable giving the skill access to the datasets you explicitly point it at. Treat generated HTML reports, charts, summary JSON, and terminal output as potentially sensitive, and avoid using untrusted datasets because report text is built from dataset-derived names and values.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger list includes very broad phrases such as '分析数据', '数据分析', and 'analyze data' without narrowing conditions, which can cause the skill to activate in contexts the user did not intend. In an automated agent environment, over-broad activation can route arbitrary datasets or sensitive analysis requests into this workflow, increasing the chance of unintended data processing or report generation.

Missing User Warnings

Low
Confidence: 72%
Finding
The README describes automated ingestion, analysis, visualization, and HTML report generation for user datasets but does not warn users about privacy, sensitive data handling, or the risks of producing reports from untrusted input. In a data-analysis skill, this omission can lead users to submit confidential or regulated data without understanding exposure or validation expectations.

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger phrases are broad, including common requests like 'data analysis' and 'analyze data', which can cause the skill to activate in situations the user did not clearly intend. Unintended activation is risky here because the skill can read supplied files and write reports/charts, expanding the blast radius of a mistaken invocation.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly generates HTML reports and saves chart files, but it does not clearly warn users that it will write artifacts to the filesystem. This can surprise users, overwrite files, or create sensitive output files in local directories without informed consent.

Missing User Warnings

Low
Confidence: 82%
Finding
The skill encourages loading and processing user-provided datasets but does not include a privacy warning, even though such datasets may contain personal, confidential, or regulated information. In a data-analysis context, omission of this warning increases the chance users expose sensitive data without understanding the privacy implications.

Missing User Warnings

Low
Confidence: 86%
Finding
The CLI path prints `results['summary']` directly as JSON, and that summary can include issue strings derived from column names and validation details. In a data-analysis skill, dataset schemas and rule violations may themselves be sensitive metadata, so emitting them to stdout without an explicit consent gate or redaction step can leak information into logs, terminals, or downstream tool traces.

VirusTotal

65/65 vendors flagged this skill as clean.
