ClawHub

Glucose Revolution: The Life-Changing Power of Balancing Your Blood Sugar

Security checks across malware telemetry and agentic risk

Overview

This health-advice skill is not malware, but it gives concrete blood-sugar and diabetes-related guidance with broad activation and weak in-response safety framing.

Review this carefully before installing if you have diabetes, are pregnant, take glucose-lowering medication, have a history of eating disorders, or are making treatment decisions. Treat it as educational book-derived wellness content, not medical advice, and consult a qualified clinician before changing diet, medication, or diabetes management.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence
97% confidence
Finding
The trigger list is excessively broad and includes many generic health, nutrition, and metabolic terms, plus a rule to trigger when the user says they just installed the skill or does not know how to start. This can cause the skill to activate in unrelated conversations and inject unsolicited health advice, increasing the chance of misrouting, user confusion, and inappropriate guidance in sensitive contexts.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill provides concrete health and quasi-medical guidance about blood sugar, diabetes, PCOS, HbA1c, insulin resistance, gestational diabetes, and behavior changes without any disclaimer, triage, or instruction to consult a clinician for diagnosis or treatment decisions. In this context, the absence of safety framing is dangerous because users may treat the content as personalized medical advice, delay proper care, or apply recommendations that are unsuitable for their condition or medications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This file gives concrete health-related advice about modifying meals, using vinegar, changing breakfast composition, and post-meal activity without any warning that effects vary by person or that some users may have relevant medical conditions, medications, or contraindications. In a wellness skill explicitly targeting blood sugar, insulin resistance, type 2 diabetes, and related conditions, users may treat these techniques as quasi-medical guidance and apply them unsafely or in place of professional care.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal