Ultrahuman Biodata Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Ultrahuman health-data helper, but it can fetch sensitive biometric data from stored account details on broad prompts without an explicit confirmation step.

Install only if you want your agent to access Ultrahuman account health data through the configured MCP server. Confirm the server and account are trusted, and consider instructing your agent to ask before fetching data when your request could be interpreted as a general wellness question.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The invocation guidance is broad enough to activate on generic health or sleep questions even when the user may not be asking to access Ultrahuman data. That can cause unnecessary use of a sensitive health-data integration and may lead to unintended retrieval or exposure of personal biometric information.

Vague Triggers

Medium
Confidence: 84%
Finding
Examples like "how did I sleep" or "morning brief" are underspecified and can match ordinary conversational questions that do not imply consent to query a connected health service. In this context, ambiguous triggering is risky because the skill accesses sensitive sleep and recovery metrics tied to a user account.

Missing User Warnings

Medium
Confidence: 80%
Finding
The skill processes highly sensitive health data and uses account email from environment or user input, but it does not instruct the agent to provide a privacy notice or obtain clear user acknowledgment before retrieval. This increases the chance of collecting or exposing health information without sufficient transparency, especially in shared or delegated environments.

VirusTotal

66/66 vendors flagged this skill as clean.
