ClawHub

Python Dataviz

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward Python data-visualization helper that generates chart files from example or user-provided data.

Install it in an isolated virtual environment and run the examples from a scratch or project directory because they create output chart files. The main practical risk is normal Python dependency trust, not hidden behavior in the skill artifacts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal