Data Profiler
PassAudited by ClawScan on May 1, 2026.
Overview
The visible artifacts describe a coherent construction data-profiling skill with purpose-aligned file access and no evidence of exfiltration, deception, or destructive behavior.
This skill appears safe for its stated purpose. Use it with specific construction datasets you intend to analyze, avoid giving it broad folders or unnecessary sensitive data, and review any generated exports before sharing them.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If given broad or sensitive paths, the agent may read and analyze more local data than the user intended.
The skill requests filesystem access, which is expected for profiling user-provided data files but still means users should scope which local files or directories they provide.
"permissions": [
"filesystem"
]Provide only the specific dataset files needed for profiling and review any requested export path before allowing writes.
The skill may require additional Python packages in the user’s environment even though they are not declared as install requirements.
The documented implementation depends on pandas and numpy, while the metadata only declares python3 and there is no install spec; this is a minor packaging/dependency disclosure gap.
import pandas as pd import numpy as np
Before use, confirm which Python packages are needed and install them from trusted sources if required.
Profile results could contain sensitive construction, cost, contact, or project details and may remain available within the active task context.
The sample implementation stores generated profile objects in memory; those profiles may include dataset-derived summaries such as top values and quality findings.
self.profiles[source_name] = profile
Avoid profiling secrets or unnecessary personal data, and review generated summaries before sharing or exporting them.