ClawHub

AI运动健康助手

Security checks across malware telemetry and agentic risk

Overview

This fitness assistant is mostly purpose-aligned, but it automatically stores health-adjacent profile and exercise diary data without clear consent, retention, or deletion controls.

Review this skill before installing if you share your machine or do not want local fitness, body, and routine data stored. Prefer using it only if you are comfortable with automatic local diary/profile files, and consider asking the publisher to add explicit consent, storage-path disclosure, disable/delete/export commands, and removal of unused web tool permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill grants Bash, WebFetch, and WebSearch even though its documented purpose mainly requires local calculation, record keeping, and report generation. Excess capabilities increase the blast radius if the skill is triggered unexpectedly or later combined with unsafe prompts, enabling unnecessary command execution or network access.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad and overlap with common conversation such as '跑步', 'workout', and '今天运动', which can cause unintended activation. In a skill with file-write and shell-enabled capabilities, accidental invocation increases the chance of unsolicited data collection, record creation, or tool use without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states that exercise data is 'automatically saved' but does not clearly disclose persistence, retention, storage location, or consent flow. Because the collected data includes health-adjacent personal information like age, sex, height, weight, goals, and activity history, silent saving creates privacy and compliance risk.

Missing User Warnings

Low
Confidence
82% confidence
Finding
Writing HTML reports to the working directory without clearly informing the user can create unexpected files containing personal fitness and health-related data. While the behavior is consistent with the feature, the lack of notice and storage controls can expose sensitive information to other local processes or users.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The code persists user profile data, including body weight, to a local JSON file without any visible consent, disclosure, retention control, or access protection in this component. Health-related profile data is sensitive personal information, and silent storage increases privacy risk if the host is shared, backed up, or otherwise accessed by other local processes or users.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
Exercise diary entries are written to per-day JSON files along with timestamps and free-form notes, creating a potentially sensitive behavioral log. In a sports-health skill, this can reveal routines, health patterns, and habits, so undisclosed local persistence presents a real privacy issue even though it is not code-execution related.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal