Differential Gene Expression Analysis (RNA-seq)

Security checks across malware telemetry and agentic risk

Overview

This is a small RNA-seq analysis skill whose main risks are disclosure gaps around input data and package installation, not evidence of malicious behavior.

Before installing, expect the skill to read input/count_matrix.csv and to download/install R/Bioconductor packages if they are not already present. Use a project-specific or disposable R environment if package changes matter, and avoid placing sensitive count data in the input path unless you are comfortable having it processed locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding:
The skill description claims it uses simulated expression data, but the code actually processes a user-supplied CSV and installs packages from the network at runtime. This mismatch can mislead users about both data handling and execution behavior, increasing the chance they run untrusted code or expose sensitive data under false assumptions.

Intent-Code Divergence

Medium
Confidence: 97%
Finding:
The markdown states the analysis uses simulated expression data, but the implementation reads input/count_matrix.csv, meaning real user-provided data is processed. This is a security-relevant documentation deception because users may treat the skill as self-contained and safe when it actually ingests external data that may be sensitive or malformed.

Missing User Warnings

Medium
Confidence: 98%
Finding:
The skill installs R/Bioconductor packages from the network at runtime without disclosing this behavior. Runtime dependency installation expands the attack surface through supply-chain compromise, unexpected code execution during package install, and non-reproducible environments, especially in automated agent execution contexts.

VirusTotal

63/63 vendors flagged this skill as clean.
