data-parser-toolkit

Security checks across malware telemetry and agentic risk

Overview

This is a normal data-file parsing skill, but users should be careful with remote URL parsing and unpinned parser dependencies.

Review and pin dependency versions before using this in production or on sensitive data. Avoid or restrict `parse_from_url` in networks where internal services are reachable, and sandbox parsing of untrusted spreadsheets or Parquet files. Treat the README's unrelated import examples as documentation noise, not required setup.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands

Findings (10)

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The README claims integration into an OpenClaw/Claude Code skill system and shows imports of unrelated modules not otherwise described by this toolkit. In an agent-skill context, misleading integration guidance can cause users or automated systems to trust and load unexpected local modules from a skills path, increasing the risk of dependency confusion, unintended code execution, or use of components outside the reviewed scope.

Context-Inappropriate Capability

Medium
Confidence
82% confidence
Finding
The skill includes arbitrary URL fetching and remote content parsing, which introduces network egress and the possibility of SSRF-style access to internal services or unintended retrieval of sensitive resources if attacker-controlled URLs are passed in. In a data-parsing skill, remote fetch capability is more dangerous because users may expect local file parsing only, while the code can contact external or internal endpoints silently.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The README advertises parsing from remote URLs and retry behavior without any warning about trust boundaries, data integrity, authentication, or privacy implications. In a skill/agent setting, encouraging remote fetches can lead to SSRF-like behavior, ingestion of malicious content, or accidental exfiltration through requests to attacker-controlled endpoints.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
`read_from_url()` performs outbound network access without any user-facing notice, confirmation, or policy guardrails. That creates privacy and SSRF risk because a caller may unintentionally cause the skill to contact attacker-chosen endpoints, including internal services, while processing seemingly ordinary input.

Unpinned Dependencies

Low
Category
Supply Chain
Content
pandas
openpyxl
chardet
pyarrow
Confidence
95% confidence
Finding
pandas

Unpinned Dependencies

Low
Category
Supply Chain
Content
pandas
openpyxl
chardet
pyarrow
xlrd>=2.0.0
Confidence
95% confidence
Finding
openpyxl

Unpinned Dependencies

Low
Category
Supply Chain
Content
pandas
openpyxl
chardet
pyarrow
xlrd>=2.0.0
Confidence
95% confidence
Finding
chardet

Unpinned Dependencies

Low
Category
Supply Chain
Content
pandas
openpyxl
chardet
pyarrow
xlrd>=2.0.0
Confidence
95% confidence
Finding
pyarrow

Known Vulnerable Dependency: openpyxl — 2 advisories: CVE-2017-5992 (Improper Restriction of XML External Entity Reference in Openpyxl); CVE-2017-5992 (Openpyxl 2.4.1 resolves external entities by default, which allows remote attack)

High
Category
Supply Chain
Confidence
81% confidence
Finding
openpyxl

Known Vulnerable Dependency: pyarrow — 8 advisories: CVE-2023-47248 (PyArrow: Arbitrary code execution when loading a malicious data file); CVE-2019-12408 (Missing Initialization of Resource in Apache Arrow); CVE-2019-12410 (Missing Initialization of Resource in Apache Arrow) +5 more

Critical
Category
Supply Chain
Confidence
95% confidence
Finding
pyarrow

VirusTotal

67/67 vendors flagged this skill as clean.