ClawCoach Setup

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local setup skill for a health-coaching profile, but it stores sensitive personal and diet information on the user's machine.

Install only if you are comfortable sharing health-related setup details with the agent and saving them under ~/.clawcoach/. Provide only fields you want stored locally, and review or delete that directory if you no longer want the profile or logs retained.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The activation logic includes an open-ended trigger ('or similar'), which can cause the skill to activate on ambiguous user requests that were not intended to start a health-profile setup flow. In this context, unintended activation is risky because the skill immediately begins collecting and storing sensitive personal and health-related data.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs storage of profile, dietary, and weight-related data in local JSON files, but does not prominently warn the user that this is sensitive health-related information with privacy implications. Although it says data stays local, that is not the same as informed consent about persistence, file location, retention, and exposure to other local users or backups.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal