Pandas Skill

Security checks across malware telemetry and agentic risk

Overview

This is a normal pandas helper skill that reads user-chosen tabular files and writes user-chosen analysis or transformed output files.

Install it in a virtual environment if you want dependency isolation, keep backups of original datasets, and use explicit new output filenames so cleaning or conversion commands do not overwrite files you care about.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill instructs the agent to run scripts that create and modify output files, but it does not declare any corresponding permissions or boundaries for file writes. This can lead to unintended file creation or overwriting when the skill is auto-invoked, reducing transparency and weakening least-privilege controls.

Vague Triggers

Medium
Confidence: 84%
Finding: The description is broad enough to match many generic data-processing requests, which increases the chance the skill is activated outside a narrowly intended pandas use case. Over-broad activation raises the risk of unnecessary code execution and file operations in contexts where a simpler or read-only response would be safer.

Vague Triggers

Medium
Confidence: 90%
Finding: The catch-all trigger 'Any pandas DataFrame operations' is effectively unbounded and can cause the skill to activate for a very wide range of requests. In combination with executable script guidance, this broad scope can increase accidental invocation and unintended data modification or output generation.

VirusTotal

66/66 vendors flagged this skill as clean.