Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Blood Pressure Therapy

v3.0.1

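A targeted, non-drug audio adjunct-therapy system that takes effect within 25 minutes, covering full-cycle management for people with elevated blood pressure: baseline data collection, daily blood pressure monitoring, trend analysis, danger alerts, and AI-personalized audio intervention plans. It aims to help regulate blood pressure by reducing the secretion of norepinephrine and cortisol and activating the vagus nerve.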

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (non‑drug audio therapy and BP management) align with the instructions: collecting a health profile, asking for current BP, classifying per AHA/ACC, recommending a 25‑minute audio resource. The local profile file (./hc_profile.md) and the provided audio link are consistent with the declared purpose.
! Instruction Scope
Runtime instructions explicitly direct the agent to read/write a local profile file (./hc_profile.md), collect 10 items of personal health data, save the JSON to disk, and store the same data in long‑term memory via the update_memory tool. Storing sensitive health information persistently is beyond simple ephemeral interaction and raises privacy concerns; the skill does not describe retention, access controls, or user consent handling.
Install Mechanism
Instruction‑only skill with no install spec, no binaries, and no code files — low install risk because nothing is downloaded or executed by the installer.
! Credentials
No environment variables or external credentials are requested (good), but the skill requires persistent storage of personal health data (writes ./hc_profile.md and uses update_memory). Persisting PHI (health status, BP, age, family history, lifestyle) to agent memory or disk is a high‑sensitivity operation and should be explicitly justified and consented to by the user.
Persistence & Privilege
always:false (normal). However, the skill directs long‑term persistence via update_memory and file writes — this grants it ongoing access to stored user health data across sessions even though it is not marked 'always'. That persistence increases privacy exposure even if autonomous invocation is not otherwise restricted.
What to consider before installing
This skill will collect sensitive health information (age, BP, family history, smoking/drinking, sleep, stress, etc.), save it to a local file (./hc_profile.md), and write it into the agent's long‑term memory (update_memory). Before installing:
1) Decide whether you are comfortable with persistent storage of health data and confirm how long the platform retains memory;
2) Do not store data you consider private unless you trust the platform and have consent;
3) Verify the audio resource domain (https://myxt.com) before following links or streaming content — validate provenance and safety of the audio;
4) Consider asking the agent NOT to call update_memory or disabling memory for this skill if you want only ephemeral interactions;
5) This is not a replacement for medical care — consult a healthcare professional for diagnosis/treatment.
If you require stronger privacy guarantees or regulatory compliance (e.g., HIPAA/GDPR), do not install until you can confirm them.

Like a lobster shell, security has layers — review code before you run it.
