Deeplake

Security checks across malware telemetry and agentic risk

Overview

This looks like a real Deeplake helper, but it should be reviewed because it can upload local data to a cloud workspace and delete tables without strong confirmation guidance.

Install only if you intend to let an agent work with your Deeplake workspace. Use a least-privileged API key, prefer a test workspace first, review which local files or datasets may be uploaded, and require explicit approval before any drop_table, raw SQL mutation, or workspace-management action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Missing User Warnings

Medium
Confidence: 83%
Finding
The examples prominently include `drop_table` without any warning about irreversibility or user confirmation. In an agent context, this increases the chance that a model executes destructive deletion as part of routine maintenance or troubleshooting, causing avoidable data loss.

Missing User Warnings

Medium
Confidence: 87%
Finding
The instruction to replace data by calling `client.drop_table(table_name)` first normalizes destructive deletion as the default replacement path. In agent-driven workflows, that can turn a simple refresh task into irreversible data destruction if the table name is wrong or the user did not explicitly approve replacement.

Missing User Warnings

Medium
Confidence: 84%
Finding
The table management section exposes deletion APIs with no warning about data loss, authorization expectations, or confirmation requirements. In a skill meant for autonomous or semi-autonomous agents, omitting those guardrails materially increases the chance of accidental destructive actions.

Missing User Warnings

Medium
Confidence: 87%
Finding
The examples repeatedly show uploading local files, PDFs, videos, and external datasets into a managed cloud service without any notice that file contents and derived metadata are transmitted off-host. This can cause users to inadvertently send sensitive or regulated data to a remote service, especially because the examples normalize broad ingestion workflows as routine.

Missing User Warnings

Low
Confidence: 76%
Finding
The Node.js examples read the API key from an environment variable and use it directly, but provide no guidance on secure credential handling, scoping, or avoiding accidental exposure in logs, source control, or client-side contexts. While using environment variables is standard practice, omission of handling guidance in example code can still encourage unsafe operational patterns.

Tool Parameter Abuse

High
Category: Tool Misuse
Content
  |-- .create_index(table, col)  -> CREATE INDEX USING deeplake_index (for search)
  |-- .open_table(table)         -> deeplake.open("al://{ws}/{table}") with auto creds
  |-- .list_tables()             -> GET /workspaces/{id}/tables -> list[str] / string[]
  `-- .drop_table(table)         -> DELETE /workspaces/{id}/tables/{name}
                    |
                    v
              REST API -> PostgreSQL + pg_deeplake
Confidence: 90%
Finding
DELETE /workspaces/{id}/tables/{name}

VirusTotal

67/67 vendors flagged this skill as clean.