ClawHub

Resource Position Analysis

Security checks across malware telemetry and agentic risk

Overview

This is a local Excel analytics skill whose behavior matches its purpose, with the main caveat that it may automatically install Python dependencies on first run.

Install and run this only in a virtual environment if possible. Consider manually installing reviewed versions of pandas and openpyxl before use so the script does not modify your default Python environment at runtime. Be mindful that the Excel input may contain business metrics, but the artifacts show local processing rather than external upload.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
missing.append("openpyxl")
    if missing:
        print(f"正在安装缺失依赖: {', '.join(missing)} ...", file=sys.stderr)
        subprocess.check_call(
            [sys.executable, "-m", "pip", "install", "--quiet"] + missing,
        )
Confidence
92% confidence
Finding
subprocess.check_call( [sys.executable, "-m", "pip", "install", "--quiet"] + missing, )

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill is presented as a local analytics/reporting tool, but it also modifies the execution environment by installing packages automatically. This behavior is security-relevant because it performs network/package-management actions outside the user's expected scope, which can introduce malicious or tampered dependencies.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
Runtime subprocess execution for pip installation is not necessary for generating funnel analysis reports and materially increases risk. If executed in a privileged or production environment, it can download and execute third-party package code, alter the Python environment, and create a pathway for supply-chain compromise or operational instability.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal