Subagent Health Monitor

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a local MCP monitoring tool with no network or credential access, but it stores agent/task state locally and overstates duplicate-spawn detection.

Install only if you are comfortable with local persistent monitoring state in ~/.claude, including task descriptions and agent identifiers. Avoid passing sensitive task text, and manually inspect or delete ~/.claude/subagent-health-state.json when you want to clear retained state. Do not rely on the advertised duplicate-spawn alerts without testing, because the current code does not appear to implement that feature.

SkillSpector (3)

By NVIDIA

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill declares no permissions, yet its documented behavior indicates local persistent writes under ~/.claude/, which expands its effective capability beyond what a user would reasonably expect from the manifest alone. Hidden or undeclared file-write behavior can lead to silent state persistence, privacy issues, and erosion of trust, especially in agent tooling that runs with user context.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 96%
Finding: The skill’s public description promises monitoring, duplicate-spawn detection, and actionable alerts, but the analyzed behavior includes undisclosed persistent storage and unexposed metadata collection while failing to surface some claimed outputs. This mismatch is dangerous because users may authorize or trust the tool under false assumptions, enabling unnecessary data collection and operational behavior that is not transparent from the interface or description.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding: The server persistently writes agent and task state to ~/.claude/subagent-health-state.json without any user-facing disclosure, consent, or controls. In this skill context, task descriptions may contain sensitive workflow details, making silent local retention a privacy and data exposure risk if the host is shared, backed up, or inspected by other software.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

66/66 vendors flagged this skill as clean.