Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
# huo15-openclaw-plan-form skill 运行依赖 # 安装: pip install -r requirements.txt pandas>=1.3 openpyxl>=3.0 xlrd>=2.0 # 读取 .xls(老格式)必需
- Confidence
- 87% confidence
- Finding
- pandas>=1.3
Huo15 Openclaw Plan Form
Security checks across malware telemetry and agentic risk
Overview
This skill coherently processes user-provided Excel planning files into standardized templates and does not show hidden, destructive, or exfiltrating behavior.
Install only in an environment where it is acceptable to process customer planning spreadsheets locally. Consider pinning dependencies or using a lockfile before production use, and review generated column mappings when processing unfamiliar or multi-sheet workbooks.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)
Unpinned Dependencies
Low
- Category
- Supply Chain
- Content
# huo15-openclaw-plan-form skill 运行依赖 # 安装: pip install -r requirements.txt pandas>=1.3 openpyxl>=3.0 xlrd>=2.0 # 读取 .xls(老格式)必需
- Confidence
- 92% confidence
- Finding
- openpyxl>=3.0
VirusTotal
65/65 vendors flagged this skill as clean.