Pandas Skill
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent local pandas data-processing skill; review its normal file-writing behavior and Python dependency install, but the provided artifacts do not show hidden exfiltration or destructive behavior.
This skill appears safe for normal local pandas work. Before installing or using it, run it in a virtual environment, review the Python dependencies, work on copies of important datasets, and choose output filenames that will not overwrite files you need.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can create or replace local output files when processing datasets.
The cleaner writes processed data to a caller-specified local output path. This is expected for a data-cleaning tool, but it is still local file mutation that users should direct carefully.
def save_data(df: pd.DataFrame, output_path: str):
"""保存数据"""
output_path = Path(output_path)
if output_path.suffix == '.csv':
df.to_csv(output_path, index=False)Use explicit new output filenames, keep backups of original data, and review results before replacing important files.
Installing dependencies may pull newer package versions chosen by the package manager.
The dependency file uses common pandas-related packages with lower-bound version ranges rather than pinned versions or hashes. This is normal for a pandas skill, but it affects reproducibility and dependency review.
pandas>=2.0.0 numpy>=1.24.0 openpyxl>=3.0.0 pyarrow>=12.0.0 xlrd>=2.0.0
Install in a virtual environment and pin or review dependency versions if you need strict reproducibility or stronger supply-chain control.