Health Guardian

Security checks across malware telemetry and agentic risk

Overview

This skill appears locally focused and not malicious, but it handles sensitive health data with recurring monitoring while overstating privacy and reliability.

Review before installing. Use this only with explicit consent from the person whose health data is monitored, protect the local data directory, and understand that iCloud sync and any external alert channel can expose health information outside the machine. Treat it as an experimental helper, not a medical alert system, and test the import and analysis flow before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 78%
Finding: The skill documents file read/write behavior against sensitive local health data but does not declare corresponding permissions. In an agent ecosystem, undeclared capabilities reduce user visibility and consent, especially when the data involved is highly sensitive medical information stored in local and synced folders.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 91%
Finding: The documented behavior materially mismatches the described purpose: it reads directly from iCloud-backed health exports, stores raw readings locally, and appears not to deliver the robust monitoring workflow it advertises. In a health-monitoring context, this is dangerous because users may trust the skill for proactive anomaly detection when the implementation may silently fail or provide incomplete analysis, creating both privacy and safety risks.

Intent-Code Divergence

Medium
Confidence: 95%
Finding: The privacy statement claims that nothing leaves the machine and that there is no cloud, yet the documented setup relies on iCloud Drive synchronization. This is a misleading privacy representation for sensitive health data and may cause users to underestimate exposure to third-party cloud storage or account compromise risks.

Missing User Warnings

Medium
Confidence: 88%
Finding: The skill handles highly sensitive health data and recommends alert delivery via external channels such as Telegram without clearly warning about confidentiality, retention, and misdelivery risks. In a medical context, transmitting anomaly alerts through third-party messaging services can expose private health information and create regulatory or safety issues.

VirusTotal

64/64 vendors flagged this skill as clean.
