ClawHub
Back to skill

Security audit

Panda Data Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent PandaAI market-data skill, but its install guide encourages sharing a real account password with the assistant, so users should review it carefully before installing.

Install only if you are comfortable using PandaAI and the required PyPI packages. Do not paste your real PandaAI password into chat; configure `PANDA_DATA_USERNAME` and `PANDA_DATA_PASSWORD` yourself through a local environment, `.env` file, or secret manager, and avoid using confidential trading research inputs unless you accept that query parameters go to PandaAI's API.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The guide explicitly tells users they may provide their username and password to the assistant so it can help write configuration, which normalizes transmitting secrets through chat. Even with the phrase '在安全前提下' and a reminder not to leak them, this is insufficient because chat channels, logs, plugins, and model telemetry may expose credentials beyond the user's intended scope.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs users to provide PandaAI credentials and use remote data-query tools, but it does not clearly disclose that request parameters and market lookup inputs will be transmitted to an external third-party service. This creates a real privacy and data-governance risk because users may submit sensitive watchlists, symbols, date ranges, or research activity without informed consent.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.