ClawHub

Nori Health

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Nori health-coaching relay that sends user health prompts to Nori using a Nori API key, with no evidence of hidden execution, persistence, or unrelated data access.

Use this skill only if you intend Nori to receive your health-related prompts and process them with your connected health account data. Keep the Nori API key private, review Nori's privacy and retention practices, and do not use it for diagnosis, prescriptions, or emergencies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill is designed to transmit highly sensitive personal health information to a third-party service, but it does not require an explicit user-facing privacy disclosure or consent step at the point of use. Because the instructions say to forward the user's exact words verbatim and let the remote service handle logging and analysis, users may unknowingly send protected or sensitive health data off-platform.

External Transmission

Medium
Category
Data Exfiltration
Content
Use `jq -n` to safely escape the user's message into valid JSON, and capture the HTTP status code to handle errors:

```bash
RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "https://api.nori.health/api/v1/openclaw/chat" \
  -H "Authorization: Bearer $NORI_API_KEY" \
  -H "Content-Type: application/json" \
  -d "$(jq -n --arg msg "USER_MESSAGE_HERE" '{message: $msg}')")
Confidence
92% confidence
Finding
curl -s -w "\n%{http_code}" -X POST "https://api.nori.health/api/v1/openclaw/chat" \ -H "Authorization: Bearer $NORI_API_KEY" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
Use `jq -n` to safely escape the user's message into valid JSON, and capture the HTTP status code to handle errors:

```bash
RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "https://api.nori.health/api/v1/openclaw/chat" \
  -H "Authorization: Bearer $NORI_API_KEY" \
  -H "Content-Type: application/json" \
  -d "$(jq -n --arg msg "USER_MESSAGE_HERE" '{message: $msg}')")
Confidence
92% confidence
Finding
https://api.nori.health/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal