Meal Planner

Security checks across malware telemetry and agentic risk

Overview

This meal-planning skill stores household food preferences locally, which is expected for its purpose, but users should avoid saving more sensitive family or health detail than needed.

Install only if you are comfortable keeping meal-planning details in local markdown files. Avoid full names, exact ages, and unnecessary medical details; keep allergies and restrictions only as specific as needed, and disable or decline proactive reminders if you only want the skill to respond when directly invoked.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium (94% confidence)
Finding:
The template directs creation of a persistent file in the user's home directory containing sensitive household data, including names, ages, allergies, health-related dietary restrictions, shopping habits, and routines, without any privacy warning, minimization guidance, or consent controls. In a meal-planning context this data is especially sensitive because allergies and child information can reveal health and family details that should not be stored indefinitely by default.

Vague Triggers

Medium (91% confidence)
Finding:
The setup instructs the skill to engage 'whenever you're thinking about food' and to ask whether it should proactively help or remind the user. This creates ambiguous activation boundaries and can lead to unsolicited engagement in ordinary conversation, increasing the chance of overreach, privacy-intrusive prompting, or unexpected persistence in contexts where the user did not clearly invoke the skill.

VirusTotal

66/66 vendors flagged this skill as clean.
