GutCheck Digestive Health Tracker

Advisory. Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.dangerous_exec

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the tracker could execute code and dependency scripts that were not included in this review.

Why it was flagged

The reviewed package does not include the app implementation itself; SKILL.md instructs users to clone an external GitHub repository and run npm install inside it. That remote code, and any install-time lifecycle scripts (preinstall, install, postinstall) declared by packages in its dependency tree, are outside the evidence available to this review.

Skill content
"kind": "git", "url": "https://github.com/openclaw/gutcheck.git", "dest": "./gutcheck" ... "command": "cd gutcheck && npm install"
Recommendation

Review the referenced GitHub repository and its lockfile and dependency tree before running npm install or starting the app. Running npm install --ignore-scripts first lets you inspect the fetched code without executing any package's install-time lifecycle scripts.
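One way to do that review offline, as an added example that is not code from the GutCheck package or from the ClawScan report: npm lockfile v2/v3 records each package's resolved source URL and sets hasInstallScript: true on any package that declares preinstall/install/postinstall scripts, so both can be checked from package-lock.json before anything is installed. The lockfile embedded below is constructed for this example and its package names are hypothetical.

```javascript
// Added example, not code from the GutCheck package or the ClawScan report:
// audit an npm lockfile for install-time risk before running npm install.
// npm lockfile v2/v3 records each package's resolved source and sets
// hasInstallScript: true when the package declares preinstall/install/
// postinstall scripts, so both can be reviewed offline. The lockfile below is
// constructed for this example and its package names are hypothetical.

const SAMPLE_LOCKFILE = JSON.stringify({
  name: "gutcheck",
  lockfileVersion: 3,
  packages: {
    "": {
      name: "gutcheck",
      version: "1.0.0",
      dependencies: { "example-web": "^1.0.0", "example-native": "^2.0.0", "example-fork": "*" },
    },
    "node_modules/example-web": {
      version: "1.0.0",
      resolved: "https://registry.npmjs.org/example-web/-/example-web-1.0.0.tgz",
      integrity: "sha512-AAAA",
    },
    "node_modules/example-native": {
      version: "2.0.0",
      resolved: "https://registry.npmjs.org/example-native/-/example-native-2.0.0.tgz",
      integrity: "sha512-BBBB",
      hasInstallScript: true, // runs code at npm install time
    },
    "node_modules/example-fork": {
      version: "0.1.0",
      resolved: "git+ssh://git@github.com/someone/example-fork.git#abc123",
    },
  },
});

const REGISTRY = "https://registry.npmjs.org/";

// Package name from a lockfile path such as node_modules/a/node_modules/@s/b.
function packageName(lockPath) {
  const marker = "node_modules/";
  return lockPath.slice(lockPath.lastIndexOf(marker) + marker.length);
}

// Returns lists of packages that run install-time scripts, that are not
// fetched from the public registry, and that carry no integrity hash.
function auditLockfile(lockText) {
  const lock = JSON.parse(lockText);
  if (!lock.packages) {
    throw new Error("lockfileVersion 1 has no 'packages' map; regenerate with npm >= 7");
  }
  const report = { installScripts: [], nonRegistry: [], missingIntegrity: [] };
  for (const [lockPath, pkg] of Object.entries(lock.packages)) {
    if (lockPath === "") continue; // the root project entry
    const name = packageName(lockPath);
    if (pkg.hasInstallScript) report.installScripts.push(name);
    const resolved = pkg.resolved || "";
    if (!resolved.startsWith(REGISTRY)) {
      report.nonRegistry.push(`${name} -> ${resolved || "(unresolved)"}`);
    }
    if (!pkg.integrity) report.missingIntegrity.push(name);
  }
  return report;
}

// Wrapper for a real clone: node audit-lock.js ./gutcheck/package-lock.json
function auditLockfilePath(path) {
  const fs = require("fs"); // loaded lazily so the pure functions above need no I/O
  return auditLockfile(fs.readFileSync(path, "utf8"));
}

function formatReport(report) {
  return [
    `install scripts : ${report.installScripts.join(", ") || "none"}`,
    `non-registry    : ${report.nonRegistry.join(", ") || "none"}`,
    `no integrity    : ${report.missingIntegrity.join(", ") || "none"}`,
  ].join("\n");
}

console.log(formatReport(auditLockfile(SAMPLE_LOCKFILE)));
```

Every package the report lists under install scripts or non-registry is one whose code should be read before npm install runs without --ignore-scripts; a git-resolved dependency has no registry integrity hash, so the commit pin in the URL is the only thing tying it to what was reviewed.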

What this means

If followed, these instructions could publish or modify a ClawHub skill using the user's account.

Why it was flagged

The documentation asks the user to authenticate to ClawHub and to publish a skill. Publishing is a privileged account action that is not needed for a normal user to track digestive health.

Skill content
npx clawhub login ... npx clawhub publish ./gutcheck-skill --slug gutcheck --name "GutCheck Digestive Health Tracker"
Recommendation

Do not run the publishing instructions unless you actually intend to publish this package under your own ClawHub account and understand the account impact.

Concern: High Confidence
ASI05: Unexpected Code Execution
What this means

Running the script can perform a public registry action from the user's environment rather than simply launching the health tracker.

Why it was flagged

The included executable script invokes a shell command (child_process.execSync with a template string) that publishes to ClawHub. This is unrelated to the tracker runtime, depends on the external clawhub CLI, and runs under whatever ClawHub login is present in the user's environment.

Skill content
execSync(`npx clawhub publish ${tempDir} --slug gutcheck --name "GutCheck Digestive Health Tracker" --version 1.0.0 --changelog "Initial release of GutCheck skill"`, { stdio: 'inherit' });
Recommendation

Avoid running publish_gutcheck.js unless you have reviewed it and specifically want to publish the skill.
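For contrast, an added example that is not the package's own publish_gutcheck.js: the same ClawHub publish call restructured so that it cannot fire unless explicitly requested and so that the directory name never passes through a shell. The --confirm-publish flag, the dry-run preview and the injectable spawn parameter are conventions of this example, not features of the clawhub CLI.

```javascript
// Added example, not the package's own publish_gutcheck.js: the same ClawHub
// publish call restructured so that it cannot fire by accident and so that the
// directory name never passes through a shell. The --confirm-publish flag and
// the dry-run preview are conventions of this example, not clawhub CLI features.

// Pattern seen in the scanned script, shown for contrast only (do not use):
//   execSync(`npx clawhub publish ${tempDir} --slug gutcheck ...`, { stdio: 'inherit' });
// execSync hands that string to /bin/sh, so a tempDir containing a space, a
// quote or a semicolon is split or interpreted, and the publish is unconditional.

const META = {
  slug: "gutcheck",
  name: "GutCheck Digestive Health Tracker",
  version: "1.0.0",
  changelog: "Initial release of GutCheck skill",
};

// Build an argv array. Each element reaches the child process verbatim,
// whatever characters the directory path contains.
function publishCommand(dir, meta) {
  return {
    cmd: "npx",
    args: [
      "clawhub", "publish", dir,
      "--slug", meta.slug,
      "--name", meta.name,
      "--version", meta.version,
      "--changelog", meta.changelog,
    ],
  };
}

// Publishing is a privileged account action: require an explicit opt-in.
function publishIntended(argv) {
  return argv.includes("--confirm-publish");
}

// Without the flag this only previews the command. `spawn` is injectable so
// the decision logic can be exercised without touching the real CLI.
function runPublish(dir, meta, argv, spawn) {
  const { cmd, args } = publishCommand(dir, meta);
  if (!publishIntended(argv)) {
    return { executed: false, preview: [cmd, ...args] };
  }
  const spawnSync = spawn || require("child_process").spawnSync; // loaded only when publishing
  const res = spawnSync(cmd, args, { stdio: "inherit", shell: false });
  return { executed: true, status: res.status };
}

if (typeof require !== "undefined" && require.main === module) {
  const result = runPublish("./gutcheck-skill", META, process.argv, null);
  console.log(result.executed
    ? `publish exited with status ${result.status}`
    : `dry run, would execute: ${result.preview.join(" ")}`);
}
```

Run without arguments the script prints the command it would execute and does nothing else; the registry action happens only with --confirm-publish, and spawnSync with shell: false means the directory argument is passed as a single argv element rather than re-parsed by /bin/sh.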

What this means

Meal logs, symptoms, and derived food sensitivity insights may be stored locally and should be protected like other health data.

Why it was flagged

The application is designed to persist meal and digestive-response data in a database. That is purpose-aligned, but it is sensitive health-related information.

Skill content
MONGODB_URI=mongodb://localhost:27017/gutcheck ... POST /api/diet/add-meal ... GET /api/diet/my-meals
Recommendation

Use a long, randomly generated JWT secret rather than a sample or default value, restrict network access to the MongoDB instance and require authentication on it (the sample URI connects to localhost without credentials), and avoid entering health information unless you are comfortable with the app's storage model.
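A startup check that enforces the first two points, as an added example that is not part of the GutCheck app: it scores the JWT secret by length and character entropy, rejects common placeholder values, and flags a MongoDB URI that carries no credentials or that reaches a remote host without TLS. The thresholds (32 characters, 3.0 bits of entropy per character) and the placeholder denylist are assumptions of this example.

```javascript
// Added example, not part of the GutCheck app: a startup check for the
// JWT_SECRET and MONGODB_URI settings the skill's environment sample introduces.
// The thresholds (32 characters, 3.0 bits of entropy per character) and the
// placeholder denylist are assumptions of this example.

const WEAK_SECRETS = new Set([
  "secret", "changeme", "jwtsecret", "your_jwt_secret", "password", "gutcheck",
]);

// Shannon entropy of the character distribution, in bits per character.
// A placeholder like "aaaaaaaa" scores 0; random hex scores close to 4.
function shannonBitsPerChar(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let bits = 0;
  for (const n of counts.values()) {
    const p = n / s.length;
    bits -= p * Math.log2(p);
  }
  return bits;
}

// Returns a list of problems; an empty list means the secret is acceptable.
function checkJwtSecret(secret) {
  if (!secret) return ["JWT_SECRET is not set"];
  const problems = [];
  if (secret.length < 32) problems.push(`JWT_SECRET is ${secret.length} chars; want at least 32`);
  if (WEAK_SECRETS.has(secret.toLowerCase())) problems.push("JWT_SECRET is a well-known placeholder");
  if (shannonBitsPerChar(secret) < 3.0) problems.push("JWT_SECRET has low character entropy");
  return problems;
}

// Flags a database reachable without credentials, and a remote one without TLS.
function checkMongoUri(uri) {
  let u;
  try { u = new URL(uri); } catch { return ["MONGODB_URI is not a valid URL"]; }
  const problems = [];
  if (u.protocol !== "mongodb:" && u.protocol !== "mongodb+srv:") {
    problems.push(`MONGODB_URI scheme ${u.protocol} is not mongodb: or mongodb+srv:`);
  }
  if (!u.username) problems.push("MONGODB_URI carries no credentials; anyone who reaches the port can read the health data");
  const local = u.hostname === "localhost" || u.hostname === "127.0.0.1";
  if (!local && u.protocol === "mongodb:" && u.searchParams.get("tls") !== "true") {
    problems.push("remote mongodb: URI without tls=true; data crosses the network in clear text");
  }
  return problems;
}

// Generate a secret worth using: 32 random bytes give 256 bits of entropy.
function generateJwtSecret() {
  return require("crypto").randomBytes(32).toString("hex");
}

// Call at process start with process.env and refuse to serve if any problem is returned.
function validateEnv(env) {
  return [...checkJwtSecret(env.JWT_SECRET), ...checkMongoUri(env.MONGODB_URI || "")];
}

// Demonstration on the report's sample URI with a placeholder secret (constructed input).
console.log(validateEnv({ JWT_SECRET: "secret", MONGODB_URI: "mongodb://localhost:27017/gutcheck" }));
```

In the app's entry point the call would be validateEnv(process.env) followed by process.exit(1) when the list is non-empty, so a deployment that kept the sample values cannot start and begin accepting meal and symptom records.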

What this means

Users may over-trust privacy protections for sensitive health information without confirming how the actual app stores and protects data.

Why it was flagged

The package makes a strong privacy and encryption claim, but the reviewed artifacts do not include the app implementation needed to verify it.

Skill content
Privacy-Focused: All personal health data remains encrypted and under user control, with no sharing with third parties without explicit consent.
Recommendation

Verify in the actual implementation how data is encrypted (at rest, in transit, or both), what access controls apply, and whether any data leaves the host before relying on the privacy claim.

Findings (1)

critical

suspicious.dangerous_exec

Location
publish_gutcheck.js:28
Finding
Shell command execution detected (child_process).