Digital Twin Patient Builder

Security checks across malware telemetry and agentic risk

Overview

This skill is not overtly malicious, but it should be reviewed carefully because it processes sensitive patient data and produces dosing-style outputs without enough privacy or clinical-use guardrails.

Install only in an isolated environment, pin and review dependencies first, and do not use real patient records unless you have appropriate privacy controls and authorization. Treat all dosing, efficacy, and toxicity outputs as research simulations, not medical guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill documents file read/write behavior and executable Python scripts, but it does not declare corresponding permissions or constraints. This creates a trust and enforcement gap: users or a host platform may not realize the skill can access local files, increasing the risk of unintended data access or modification, especially given the medical context.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: This skill is designed to process highly sensitive patient genotype, clinical, and imaging data while also indicating network and file access, yet it provides no meaningful privacy, consent, retention, or transmission warning. In a healthcare setting, that omission is dangerous because users may provide regulated health data without understanding where it is stored, transmitted, or exposed.

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content:
  • dataclasses
  • enum
  • numpy
Confidence: 93%
Finding: numpy

Known Vulnerable Dependency: numpy — 10 advisories: CVE-2014-1859 (Numpy arbitrary file write via symlink attack); CVE-2021-41495 (NumPy NULL Pointer Dereference); CVE-2021-33430 (NumPy Buffer Overflow (Disputed)) +7 more

Severity: Critical
Category: Supply Chain
Confidence: 95%
Finding: numpy

VirusTotal

VirusTotal findings are pending for this skill version.
