ClawHub

It Starts with the Egg: How the Science of Egg Quality Can Help You Get Pregnant Naturally, Prevent Miscarriage, and Improve Your Odds in IVF

Security checks across malware telemetry and agentic risk

Overview

This fertility skill is coherent with its stated purpose, but it gives specific supplement and dosing guidance without enough in-skill medical safety boundaries.

Review this carefully before installing. It does not appear to contain malware or hidden system access, but users could treat its fertility supplement protocols as personalized medical advice. Anyone using it should verify recommendations with a fertility specialist or physician, especially before taking DHEA, melatonin, myo-inositol, or changing an IVF or conception plan.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger list is extremely broad and includes many common fertility, IVF, nutrition, and reproductive-health terms, so the skill may activate in conversations where the user did not intend to invoke this specific framework. In a medical-adjacent context, unintended activation is risky because it can steer users toward supplement and treatment-oriented advice without first establishing appropriateness, scope, or clinician involvement.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill is configured to trigger when users say they just installed the skill or do not know how to start, which is ambiguous onboarding language unrelated to fertility intent. This can cause unsolicited medical-adjacent guidance to be shown proactively, increasing the chance of inappropriate advice delivery to users who have not asked for fertility recommendations.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill offers condition-specific supplement guidance such as DHEA for diminished ovarian reserve, melatonin for IVF, and myo-inositol for PCOS, but it provides no clear safety disclaimer, contraindication screening, or instruction to consult a qualified clinician. In a fertility and pregnancy context, this is particularly dangerous because supplements can affect ovulation, interact with medications, be inappropriate for certain conditions, and may delay proper medical evaluation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This section gives concrete medical and supplement recommendations, including condition-specific use of melatonin, myo-inositol, DHEA, and dosage guidance for CoQ10, without a clear warning that fertility treatment and supplement use require clinician oversight. In a fertility/IVF context, users may act on this advice directly, and some recommendations can be inappropriate or harmful depending on diagnosis, medications, hormone status, or treatment protocol.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The file gives concrete medical supplement recommendations and dosage ranges for fertility-related conditions, including DHEA, melatonin, myo-inositol, NAC, zinc, selenium, and CoQ10, without any warning to consult a clinician, review contraindications, or consider pregnancy/IVF-specific risks. In a fertility context, users may act on this advice directly, and inappropriate self-medication can cause adverse effects, drug interactions, delayed care, or harm during conception treatment.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This guidance instructs the agent to respond in an empowering, evidence-based voice about fertility interventions, but it does not require a clear medical disclaimer or direction to consult a qualified clinician. In a reproductive health context involving IVF, miscarriage, supplements, and individualized treatment decisions, omission of that boundary can cause users to treat the skill's outputs as personalized medical advice.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal