ClawHub
Back to skill

Security audit

ClawHealth Data Skill

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill for a hosted health-data service, and its sensitive token and health-data use are disclosed and aligned with its purpose.

Install only if you intend your agent to use ClawHealth and send authorized health, nutrition, mood, readiness, and profile data to clawhealth.site. Treat the Agent API token like a password, avoid sharing it in chats or logs, and delete or rotate it in the ClawHealth iOS app if access should stop.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README explicitly states that the skill uses a long-lived Agent API token and accesses highly sensitive health-related data, but it does not provide clear privacy, storage, revocation, or handling warnings. In a health-data context, long-lived credentials materially increase the blast radius of token leakage, and the absence of explicit caution can lead to unsafe deployment or overbroad data exposure by downstream agents and users.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation guidance is broad enough that a general-purpose agent may route ordinary health, readiness, nutrition, or training questions into this skill without an explicit handoff. In this context, unintended invocation is risky because the skill is designed to use stored identifiers and bearer tokens and may transmit sensitive health data to a hosted third-party service when the user did not clearly intend that action.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill handles highly sensitive health data plus long-lived API tokens, but it does not prominently warn the user that their data and credentials will be sent to an external hosted service. Because the setup encourages storing a bearer token and reusing it silently, users may not understand the privacy, retention, and third-party processing implications before health data is transmitted.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal