ClawHub
Back to skill

Security audit

Quant Data Quality

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only quantitative data quality checklist with no hidden execution, credentials, persistence, or external data transfer.

Install this as a checklist-style helper. Be aware it may activate on broad data-quality phrases, and review any example Python snippets before running them against your own project data paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill is configured to auto-trigger on very broad phrases such as '数据问题' and '数据异常', which commonly appear in normal conversations about quantitative workflows. This can cause unintended invocation, injecting unsolicited guidance or context into unrelated tasks and reducing user control over when the skill activates.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.