ClawHub

analytics-engineer

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only analytics engineering skill, but users should treat its runnable examples as production-sensitive templates.

Install this only if you want an analytics engineering reference skill. Before using generated code from it, move credentials into a secrets manager, use least-privilege service accounts, test in development or staging, and require explicit approval before refreshing BI assets, deploying dbt to production, querying sensitive warehouse data, or sending email alerts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The example includes authenticated calls to an external BI platform and the ability to trigger remote datasource refreshes, which introduces operational side effects beyond passive analytics examples. In a reference/examples file, this can normalize network-capable automation and encourage users to run code that reaches external services with privileged credentials.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
This code couples local command execution with downstream BI refresh automation, creating a workflow that can execute system commands and then trigger external state changes. Even though the commands are fixed, the pattern expands the skill from analytics modeling into orchestration with side effects, increasing the risk of unsafe reuse in agent contexts.

Context-Inappropriate Capability

Medium
Confidence
87% confidence
Finding
The example demonstrates direct warehouse connectivity plus outbound email alerting, which goes beyond transformation/modeling guidance and introduces data access and exfiltration-capable behaviors. In an agent skill, such examples can be repurposed to query sensitive data and send alerts or data externally without clear guardrails.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The example hardcodes a service username and password directly in source, which is an insecure secret-handling practice. Embedded credentials are frequently copied into real deployments, exposed in repositories, logs, or screenshots, and can enable unauthorized access to BI infrastructure.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The example includes database credentials in code and demonstrates outbound email behavior without warning, combining secret exposure with a potential external transmission path. This pattern is especially risky in documentation because users often copy examples verbatim into production scripts.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal