Csv Brain
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
This skill is reasonable for CSV analysis, but be careful with private or regulated data. If you ask questions through Anthropic or OpenAI, some CSV content is sent to that provider. Use local Ollama or redact sensitive fields if the data must stay local. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or messy CSV could manipulate the AI response, but the shown code does not automatically execute the model's output or mutate files/accounts.
CSV row values are inserted into the model prompt. If a CSV contains prompt-like instructions, the model could be steered into giving incorrect or off-scope answers.
const systemPrompt = `You are a data analyst... Sample data (first 5 rows):\n${JSON.stringify(sampleRows, null, 2)} ... You MUST respond with valid JSON only`;Use trusted CSVs for AI querying, and treat AI answers as advisory. The skill should ideally wrap CSV content as untrusted data and explicitly instruct the model not to follow instructions found inside the dataset.
If an API key is present, questions may consume paid provider quota and authenticate requests under the user's account.
The code reads Anthropic/OpenAI API keys from options or environment variables and uses them for the stated provider integrations.
const apiKey = options.apiKey || process["env"]["ANTHROPIC_API_KEY"]; ... process["env"]["OPENAI_API_KEY"]
Use scoped provider keys where possible, monitor usage, and prefer local Ollama for data that should not leave the machine.
Sensitive values in column names, statistics, or the first few CSV rows may be transmitted to a third-party AI provider during ask().
When using cloud AI providers, the skill sends dataset profile information and the first five rows of the loaded CSV to Anthropic or OpenAI as part of the prompt.
Sample data (first 5 rows):\n${JSON.stringify(sampleRows, null, 2)} ... hostname: 'api.anthropic.com' ... hostname: 'api.openai.com'Do not use cloud providers with confidential CSVs unless this transfer is acceptable. Use local Ollama or redact sensitive columns/rows first.