Back to skill

Security audit

Pandas Construction Analysis

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Pandas guide for analyzing construction spreadsheets and generating local reports, with no hidden or unrelated behavior found.

Install this if you want help analyzing construction CSV or Excel files with Pandas. Review the file paths before running exports, especially where Excel or CSV reports are saved, so you do not overwrite existing project files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
91% confidence
Finding
This markdown skill includes example code that writes output files such as `qto_report.xlsx` without any accompanying warning that running the example will create or overwrite files on disk. Under the markdown-file criteria for missing user warnings, file-affecting behavior should be disclosed when it could impact user data or system state.

Missing User Warnings

Low
Confidence
95% confidence
Finding
The Data Export section demonstrates multiple `to_excel` and `to_csv` operations but does not warn users that these actions create or overwrite files. For markdown skill documentation, behaviors that affect user data should include a brief disclosure so users understand the side effects before copying the commands.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.