ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pipeworx nutrition

v1.0.0

Nutrition MCP — wraps Open Food Facts API (free, no auth)

0· 39·0 current·0 all-time
byBruce Gutman@brucegutman
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The description says it wraps the Open Food Facts API (no auth). The SKILL.md Connect block requires running 'npx ... mcp-remote@latest https://gateway.pipeworx.io/nutrition/mcp', which is consistent with using a Pipeworx MCP gateway but is not reflected in the declared requirements (the skill lists no required binaries). Omitting the need for npx/node is an incoherence.
!
Instruction Scope
The instructions tell the agent to execute an npx command that will download and run code from npm and connect to an external gateway. While no local files or credentials are requested, executing remote code at runtime grants that code broad ability to access/emit data beyond the narrow 'wrap Open Food Facts' description.
!
Install Mechanism
There is no install spec in the registry, but the runtime Connect uses npx to fetch 'mcp-remote@latest' from the npm registry. Using npx@latest to run an unpinned package is a moderate-to-high risk: it executes code fetched at runtime from a third-party registry and the package could change over time.
Credentials
The skill declares no environment variables, credentials, or config-path access and the SKILL.md does not request any additional secrets. That aspect is proportionate to the stated purpose.
Persistence & Privilege
always is false (good). Autonomous invocation is allowed (the platform default). Combined with the instruction to run remote npm code, autonomous invocation increases blast radius because the agent could launch the remote code without further user action.
What to consider before installing
This skill's README tells the agent to run 'npx -y mcp-remote@latest https://gateway.pipeworx.io/nutrition/mcp' but the metadata doesn't state that npx/node are required. Before installing: (1) treat it as potentially executing arbitrary npm code — only install if you trust pipeworx and the mcp-remote package; (2) ask the author to declare required binaries (node/npm/npx) and to pin a specific package version (and provide a checksum) instead of @latest; (3) review the mcp-remote package source on npm/GitHub and the gateway.pipeworx.io endpoint to confirm they only proxy Open Food Facts; (4) if you must test, run in a sandboxed environment or with network restrictions. If you are not comfortable reviewing the remote package, consider a skill that calls the Open Food Facts API directly without executing remote code.

Like a lobster shell, security has layers — review code before you run it.

latestvk9790ycmwkx6jecq2mxhp6pmn584reh9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments