
Security audit

DolphinDB Basic Operations Skill

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate DolphinDB CRUD skill, but it normalizes weak administrator credentials and gives copy-paste examples for irreversible database deletion without enough safeguards.

Install only in a controlled DolphinDB environment after reviewing the referenced helper scripts. Replace all default administrator credentials with a least-privilege account, rotate any default password, and require explicit human confirmation plus backups before running DELETE, DROP, bulk UPDATE, or partition deletion examples.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The skill repeatedly states that environment validation is mandatory before use, but the included Python examples bypass that control and directly connect to DolphinDB using hardcoded administrator credentials (`admin` / `123456`). This creates a realistic path for unsafe copy-paste execution, encourages use of default privileged credentials, and undermines the documented safety/setup boundary.

Missing User Warnings

High
Confidence: 98%
Finding
The skill provides explicit examples for deleting data, dropping tables, dropping databases, and dropping partitions without prominent risk warnings, confirmation steps, backup guidance, or safer alternatives. In a copy-paste-oriented skill, this materially increases the chance of accidental irreversible data loss, especially because the surrounding document also normalizes direct admin access.

VirusTotal

64/64 vendors flagged this skill as clean.
