Nutrigenomics

Security checks across malware telemetry and agentic risk

Overview

This skill coherently performs local nutrigenomics report generation, but users should treat the generated files as sensitive genetic information and delete them when done.

Install only if you are comfortable processing genetic data locally and storing derived genotype results on disk. Run it in a private workspace, avoid shared machines or synced folders, review the output before sharing it, and delete the generated nutrigenomics_output folder after saving what you need.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill invokes Python directly and explicitly states it writes timestamped output directories, reports, figures, and reproducibility artifacts to disk, yet no corresponding permissions are declared. This is a real capability/permission gap: users and orchestrators may treat the skill as lower risk than it is, especially because it handles highly sensitive genetic data and persists derived genotype information locally.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The adapter returns the absolute output directory path and explicitly stores derived genomic analysis artifacts on disk until manual deletion. In a genomics context, those outputs are highly sensitive and the manifest's privacy claim ('never leaves your device') can mislead users into underestimating local retention and exposure through logs, UI surfaces, backups, or other local processes.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The reproducibility bundle extends data handling beyond the stated purpose of generating a nutrition report and may preserve copies or metadata of the user's genomic input. Because genetic data is uniquely sensitive and effectively immutable, unnecessary duplication increases the risk of disclosure, later misuse, and retention beyond user expectations.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The example invocation phrase, “Generate my personalised nutrition report from my genome file,” is broad and closely resembles a natural user request rather than a clearly namespaced skill trigger. In an agent platform, this can cause accidental or ambiguous activation, leading users to disclose highly sensitive genetic data to the wrong skill or invoke this skill when they intended a general discussion.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The code creates a timestamped output directory and persists sensitive genetic analysis results without an upfront warning or explicit consent at the point of processing. For genomic data, silent retention is risky because reports, figures, and related artifacts may be readable by other local users, included in backups, or left behind indefinitely.

VirusTotal

65/65 vendors flagged this skill as clean.
