Personal Fitness Coach

Security checks across malware telemetry and agentic risk

Overview

This fitness skill is purpose-aligned, but it needs review because it stores sensitive health and workout data locally and presents medical-adjacent coaching with real-sounding professional credentials.

Review before installing if you plan to share medical, diet, injury, or body-composition details. Treat the named coaches as AI personas, not verified licensed professionals. Use the helper scripts only for intended meal/workout logs, and prefer normal YYYY-MM-DD dates until path validation and clear log deletion/export guidance are added.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 88%
Finding:
The skill specifies file-backed data structures and references scripts that log meals and workouts, implying local file write capability without any declared permissions or explicit user consent model. Undeclared persistence is risky because health, body composition, and training data are sensitive, and hidden writes can surprise users or violate platform expectations.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 95%
Finding:
The published description presents the skill as a coaching system, but the content also defines persistent local logging and script-driven tracking behavior. This mismatch is dangerous because users and reviewers may not realize the skill stores sensitive health data locally, reducing informed consent and weakening oversight of data handling.

Vague Triggers

Medium
Confidence: 82%
Finding:
The activation description is broad enough to match many ordinary fitness or nutrition questions, which can cause the skill to engage unexpectedly. Over-broad triggering increases the chance that the persona collects health data or initiates logging workflows in contexts where the user did not intend to activate this specialized skill.

Vague Triggers

Medium
Confidence: 84%
Finding:
The workflow triggers use vague conditions like asking about diet or workouts, without limits on when data collection, persona switching, or persistence should occur. Ambiguous triggers can lead to overreach, including unsolicited profiling or logging from casual conversation about food or exercise.

VirusTotal

64/64 vendors flagged this skill as clean.