Digital Twin Discharge Drafter

Security checks across malware telemetry and agentic risk

Overview

This does not look like malware, but it makes unsupported medical AI claims and handles patient discharge data without adequate privacy or clinical-use guardrails.

Only install this for non-production drafting or review workflows unless it is revised and validated. Do not use it with real patient data outside an approved clinical environment, and do not rely on its risk scores, follow-up timing, medication reconciliation, or patient instructions without qualified clinician review and secure PHI handling controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Intent-Code Divergence

Severity: Medium
Confidence: 97%
Finding: The code advertises loading an AI/digital twin model but `_load_model` always returns an empty dictionary. In a healthcare discharge workflow, this can mislead users into believing model-backed predictions are being used when no model is loaded, resulting in unsafe clinical reliance on fabricated or default outputs.

Intent-Code Divergence

Severity: Medium
Confidence: 98%
Finding: The risk calculation claims to use a digital twin but actually just returns `model.get('readmission_risk', 0.15)`, including a fixed default when no model output exists. In discharge planning, presenting an arbitrary default as an individualized readmission risk can drive inappropriate follow-up intensity, medication planning, or care transition decisions.

Intent-Code Divergence

Severity: Low
Confidence: 91%
Finding: The helper claims to schedule follow-up appointments but only emits hard-coded placeholder timings without checking specialty, diagnosis, urgency, calendars, or patient constraints. In a discharge skill, this can create false assurance that clinically appropriate follow-up has been arranged when it has not, increasing the chance of missed care transitions.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding: The skill description is broad enough to activate on routine healthcare drafting and care-transition tasks, not just narrowly scoped discharge-summary generation. In a clinical setting, over-broad invocation can cause unnecessary exposure of sensitive patient data to the skill and encourage use of AI-generated clinical content outside intended guardrails, increasing privacy and patient-safety risk.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding: The markdown instructs use of patient identifiers, admission data, treatment history, digital twin models, pharmacy notification, and provider sharing, but does not include explicit privacy, consent, minimum-necessary, de-identification, or regulatory warnings. Because this skill operates on highly sensitive health information and facilitates downstream disclosure, missing privacy guidance materially increases the chance of unauthorized exposure or improper sharing of PHI.

Natural-Language Policy Violations

Severity: Medium
Confidence: 88%
Finding: The patient-facing summary is always generated in English despite the broader skill exposing a language preference parameter elsewhere. In a medical discharge context, language mismatch can directly impair comprehension of diagnoses, warning signs, and instructions, creating patient safety risk rather than being a mere usability issue.

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content: dataclasses, dateutil
Confidence: 91%
Finding: dataclasses

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content: dataclasses, dateutil
Confidence: 95%
Finding: dateutil

VirusTotal

66/66 vendors flagged this skill as clean.