Calorie Tracker

Security checks across malware telemetry and agentic risk

Overview

This calorie-tracking skill needs Review because it handles sensitive health data in cloud services while privacy, token, and region boundaries are unclear.

Install only if you trust this provider with food, exercise, weight, image, email, and token data. Before using it, clarify where your data will be stored, how tokens are protected and revoked, and why purchase/crypto-related capability tags are present for a calorie tracker.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The skill claims that all raw user text is processed locally and not uploaded to external servers, but elsewhere states that food, exercise, and weight records are stored and queried via external API services. Because these records are derived directly from user health inputs and include sensitive personal health data, the documentation creates a misleading privacy representation that could cause users to disclose data under false assumptions. In a health-tracking skill, this inconsistency is especially dangerous because the data category is sensitive and may reveal medical, lifestyle, and body metrics.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
The skill exposes separate US and China service endpoints but does not explain how a user's region is selected or whether the user can choose where their sensitive health data is stored. For health and nutrition records, silent or undocumented routing to a jurisdiction materially affects privacy, legal rights, and user expectations, especially when data residency and cross-border transfer rules differ. The health context increases risk because the transmitted data is sensitive personal data rather than ordinary telemetry.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation describes remote storage and querying of food, exercise, and weight records through external API services, but it does not clearly warn users that their sensitive health data will leave the local environment and be transmitted to cloud services. Users may believe they are only using local analysis, especially given the nearby localization claims, resulting in uninformed disclosure of protected or highly sensitive personal information. This is more dangerous in this skill because it collects longitudinal health data, which can be used to profile habits, body status, and wellness trends.

Missing User Warnings

Medium
Confidence: 83%
Finding
The skill instructs agents to collect email-based verification codes, obtain bearer tokens, and store/reuse those tokens, but it does not define strong safeguards such as encrypted storage, scope minimization, log redaction, consent language, or token handling boundaries. In a health-related skill, these credentials protect access to potentially sensitive food, exercise, and profile data, so vague credential-handling guidance increases the risk of leakage or misuse.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly requires passing users' original exercise descriptions verbatim and uploaded image URLs directly to backend APIs, but provides no privacy notice, consent step, or data-minimization guidance. Because exercise descriptions and images can reveal sensitive health, location, routine, or biometric information, silently transmitting them to backend services increases the risk of unintended disclosure and privacy noncompliance.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill explicitly requires sending users' raw food descriptions and publicly accessible image URLs verbatim to remote APIs, but it provides no user-facing notice, consent step, or minimization guidance. In a health-related skill, freeform food descriptions and images can contain sensitive personal or medical inferences, so silent transmission to third-party services creates a real privacy and data-sharing risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
This module explicitly handles sensitive health data, including weight, BMI, and trend analysis, but provides no privacy notice, minimization guidance, or handling constraints. In a health-management context, collecting and analyzing such data without warning users about sensitivity, retention, sharing, or consent increases the risk of overcollection and inadvertent exposure of personal health information.

Missing User Warnings

Medium
Confidence: 98%
Finding
The skill encourages users to upload screenshots/photos of health apps, wearables, and interfaces, which commonly include additional sensitive information such as names, profile details, timestamps, device IDs, notifications, or unrelated health metrics. Without an explicit warning to crop/redact screenshots and avoid unnecessary personal data, the skill increases the likelihood of collecting more sensitive data than required.

VirusTotal

65/65 vendors flagged this skill as clean.
