Sleep Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a local sleep and wellness tracker, but it can store sensitive health notes in an under-disclosed shared temporary file.

Review this before installing if you plan to enter personal sleep, health, meal, exercise, or symptom notes. Prefer using only a private data directory, be aware that the sleep journal script writes to /tmp/sleep_journal.txt, and verify stored files manually because the documented reset behavior is not fully implemented.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The manifest presents this as a sleep-improvement skill, but the documentation describes a broader health habit tracker that stores arbitrary entries, command history, reminders, goals, exports, and reset behavior. This capability expansion matters because users and orchestrators may grant trust or permissions based on the sleep-focused description, while the documented behavior implies broader data collection and local persistence than expected.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The top-level documentation reframes the tool as a generic health and wellness tracker instead of the declared sleep-focused assistant. That discrepancy can mislead users into supplying broader personal data and can cause downstream systems to misclassify the skill's risk profile and intended use.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The documented commands extend beyond sleep journaling into generic health/activity logging, reminders, goals, statistics, history, export, and reset operations. In a health-context skill, this broader scope increases privacy risk because users may enter sensitive wellness data under the assumption they are using a narrowly scoped sleep tool.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script stores sensitive user sleep journal data, including dates, sleep times, quality scores, and free-form notes, in a predictable file under /tmp. On multi-user systems, temporary directories are commonly shared, and writing health-related personal data there without restrictive permissions or a privacy warning can expose private information to other local users or processes.

VirusTotal

39/39 vendors flagged this skill as clean.
