ClawHub

Calorie Counter

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent local calorie tracker, but it can automatically persist food and weight data from broad food mentions without clear confirmation.

Install only if you are comfortable with food, calorie, protein, goal, and weight history being saved locally in calorie_data.db. Be explicit with the agent that food should be logged only when you ask to log or track it, and avoid using this on shared or synced workspaces unless you are comfortable with that plaintext database being accessible through local files or backups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The guide explicitly stores calorie intake, protein consumption, and weight data in a local SQLite database, which is health-related personal data. While local storage is not inherently insecure, the documentation presents it as 'Secure' and 'human-readable' without warning that anyone with filesystem access, backups, or shared-device access may read this sensitive information.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The README states the agent will automatically use this skill when users mention food or ask about calories, which creates an overly broad activation surface for a tool that persists personal health data. In an agent setting, this can cause unintended logging of sensitive dietary or health-related information from casual conversation without clear user intent or confirmation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README describes local SQLite storage for food, calorie, protein, and weight data but does not clearly warn users that this is persistent personal health-related data retained on disk. Users may unknowingly disclose and store sensitive information, increasing privacy risk if the workstation, workspace, or database file is later accessed by other users, tools, or backups.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The manifest description says the skill should be used when a user 'mentions food they ate,' which is broad enough to activate during ordinary conversation rather than an explicit request to track health data. Because this skill persists calorie, protein, and weight information in SQLite, over-broad triggering can cause collection and storage of sensitive health-related data without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The top-level description does not clearly warn that the skill persistently stores calorie intake and weight data in a local SQLite database. This is sensitive health-related information, and lack of upfront disclosure increases the risk that users or calling agents will invoke the skill without understanding that personal data will be retained.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill persistently stores calorie intake, protein intake, and weight history in a local SQLite database, which constitutes health-related personal data. There is no user-facing notice, consent flow, retention policy, or protection around the database file, so users may unknowingly leave sensitive lifestyle and body-weight data on disk where other local users, backups, or adjacent processes could access it.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal