ClawHub

maccabi-pharm-search

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it searches Maccabi pharmacy medication stock, but users should treat medication and city searches as sensitive health information.

Install only if you are comfortable sending medication names, drug identifiers, and selected city codes to Maccabi's service API. Avoid using shared logs or public notifications for sensitive medicines, and set up recurring checks only when the user clearly asks for them and can easily stop them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill invokes a Node.js script that queries remote APIs for medication search and stock availability, which means it has network capability despite not declaring any permissions. Undeclared network access reduces transparency and can bypass a host's trust and permission model, making it easier for a skill to exfiltrate data or contact unintended endpoints if the implementation changes or is compromised.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill sends user-supplied medication search terms to an external healthcare-related endpoint without any explicit notice, consent, or privacy guardrails. Because medication names can reveal sensitive health conditions, this creates a privacy risk through unintended disclosure of health-related data to a third party service and to network/logging infrastructure.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The stock-check flow transmits a medication identifier and city code to a remote API to determine pharmacy availability, which can expose sensitive inferences about a person's medical needs and approximate location. In this skill's context, querying specific drugs and nearby pharmacies increases the sensitivity because it links health-related intent with geography, even though the transport is HTTPS.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal