Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
hash health
v1.0.9
Hash Health — personal nutrition tracking, meal logging, medication management, and daily health dashboard. Use when user mentions food, meals, eating, loggi...
by C.K.DEVAK @devak208
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (nutrition, meal logging, medication management) align with needing an API token (HASH_HEALTH_TOKEN). However, all API calls are directed to https://hash-claude-mcp.vercel.app, which is not obviously an official Hash Health API domain. The skill claims "All data is sent to the user's own Hash Health account. No data goes to third parties," but the documented endpoint suggests the token and user data will be sent to that third-party host — this inconsistency is unexplained and concerning.
Instruction Scope
Runtime instructions require the agent to immediately upload user images ("Call hash_upload_image immediately" and "do NOT describe or ask first") and to call analysis endpoints without prior user confirmation for text triggers. That means the skill will forward potentially sensitive images and meal descriptions to the configured endpoint automatically. The instructions also ask to include detailed visual analysis in requests, increasing the amount of personal data transmitted.
Install Mechanism
No install spec and no code files — instruction-only skill. Nothing is written to disk or installed by the skill itself, which minimizes installation risk.
Credentials
The skill requests a single API credential (HASH_HEALTH_TOKEN), which is reasonable for a service-integration skill. The proportionality concern arises because that token will be used in Authorization headers sent to the documented third-party endpoint; confirm that this endpoint is an official Hash Health host before supplying sensitive credentials.
Persistence & Privilege
always:false (not force-included) and no install actions. The skill can be invoked autonomously (platform default). Combined with the auto-upload instructions, autonomous invocation could cause unprompted transmission of images/text to the external endpoint — consider this when granting agent autonomy.
What to consider before installing
Before installing, verify that https://hash-claude-mcp.vercel.app is an official Hash Health API endpoint or trusted proxy. Key points to consider:
- The skill will send your HASH_HEALTH_TOKEN as a Bearer token to that domain and auto-upload images/text without asking — if the domain is not trusted, your account access and personal data could be exposed.
- Ask the publisher: why use that domain instead of an official Hash Health API? Request documentation or a privacy/security policy.
- If you proceed, consider using a restricted or test API key (not your primary account key) and be prepared to rotate/revoke it if anything looks suspicious.
- If you need the skill to prompt before uploading images or before sending sensitive data, ask the developer to modify SKILL.md to require explicit user confirmation prior to any upload.
Given the unresolved mismatch between the "no third parties" claim and the explicit third-party endpoint, treat this skill as potentially risky until you confirm the endpoint's trustworthiness.
Like a lobster shell, security has layers — review code before you run it.
latest vk9731mdjmkvyn81xhcxj6fpjdx841xea
Runtime requirements
🥗 Clawdis
Env: HASH_HEALTH_TOKEN
Primary env: HASH_HEALTH_TOKEN
