Pharma Csv Pro

Security checks across malware telemetry and agentic risk

Overview

This skill runs locally, but it makes pharmaceutical compliance and GMP claims that the implementation does not support well enough for regulated use.

Review before installing for any regulated workflow. Treat it as an unvalidated local CSV helper only; do not rely on its compliance, OOS/OOT, release, submission, or GMP-reporting claims without independent validation, controlled specifications, dependency review, and qualified QA/regulatory oversight.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 97%
Finding
The skill advertises OOS/OOT detection, but the implementation only checks explicit specification-limit breaches and never performs out-of-trend analysis. In a pharmaceutical QC and stability context, this can mislead users into relying on incomplete quality assessments, potentially missing early degradation or process drift signals that matter for GMP decisions.

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The compliance function accepts USP, EP, and ChP as distinct regulatory standards but applies effectively identical limits and logic to all of them. In a regulated pharmaceutical analysis tool, this can produce misleading compliance conclusions and create false assurance for submissions or release decisions where standards differ by monograph, product, or jurisdiction.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The generated report labels results as 'OOS/OOT' even though only OOS findings are produced. This is dangerous because downstream users may treat the report as evidence that both categories were assessed, leading to incorrect QA conclusions in a high-assurance pharmaceutical workflow.

Missing User Warnings

Medium
Confidence: 84%
Finding
The LIMS example sends batch and OOS analysis data to a remote HTTPS endpoint without any warning about confidentiality, regulatory sensitivity, or the need for explicit user approval. In a pharmaceutical context, batch identifiers, quality events, and timestamps may be sensitive GMP/GxP data, so normalizing silent outbound transmission increases the risk of unintended data disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.
