ClawHub

Bioinformatics

Security checks across malware telemetry and agentic risk

Overview

This skill is a local bioinformatics helper whose file access, output generation, and optional memory are disclosed and aligned with sequence-analysis work.

Install if you are comfortable running local command-line bioinformatics tools on potentially sensitive sequencing data. Keep raw data read-only or backed up, choose secure output paths, review commands before running them, and enable ~/bioinformatics/ memory only for project details and activation preferences you want retained locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The setup instructions direct the skill to create a persistent workspace and save user project context beyond the bioinformatics analysis function described in the metadata. Even though it asks for initial consent, it establishes ongoing storage of project details and preferences, which can expand data collection and retention without a narrowly scoped operational need.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs saving organism, reference genome, analysis types, compute environment, and tool preferences to a local memory file. This is persistent collection of user and project metadata not reflected in the declared sequence-analysis capability, creating a privacy and scope-expansion risk if sensitive research context or infrastructure details are retained unnecessarily.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The activation criteria are broad enough to trigger on general mentions of sequence data, NGS, FASTQ, or genomics, which can cause the skill to engage and begin collecting context in situations where the user did not intend to use it. In combination with the persistence behavior elsewhere in the file, this broad trigger increases the chance of unnecessary data collection and unexpected activation.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The instruction to save the user's activation preferences to main memory creates persistent storage of behavioral/profile information without an explicit ongoing storage warning at the point of collection. Users may consent to creating a workspace but still not understand that future-trigger preferences are being retained across sessions, which weakens informed consent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The document provides end-to-end variant-calling commands that create, overwrite, and transform BAM/VCF outputs containing highly sensitive genomic data, but it gives no warning about privacy, storage location, retention, or overwrite risk. In bioinformatics workflows, these files can expose uniquely identifying health information, so omission of handling guidance increases the chance of accidental disclosure or insecure processing.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal