ClawHub

李可老中医思维操作系统

Security checks across malware telemetry and agentic risk

Overview

This skill is not software malware, but it should be reviewed carefully because it gives actionable emergency medical and toxic-herb dosing advice with weak safety boundaries.

Install only if you intend to use it as a historical or scholarly TCM reference. Do not rely on it for diagnosis, dosing, emergency care, cancer treatment, blood-pressure decisions, children, pregnancy, or toxic herbs; those topics need licensed medical care and emergency services when urgent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (41)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The skill explicitly discourages standard medical-safety language while simultaneously instructing the agent to give high-risk treatment content in a forceful style. In a medical context involving emergency care and toxic/high-dose substances, suppressing clear escalation and clinician-supervision warnings can materially increase the chance that users act on unsafe instructions without appropriate care.

Intent-Code Divergence

High
Confidence
99% confidence
Finding
Although the file claims the content is only for learning/reference and says high-dose use requires physician guidance, the operational instructions still direct the agent to provide exact emergency-treatment workflows, named formulas, administration methods, and gram-level dosing. That contradiction makes the disclaimer ineffective and creates a real risk of users treating life-threatening conditions or self-administering toxic substances based on the model's output.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The activation rules are broad enough to trigger on ordinary discussion of serious diseases, dosage, or treatment topics without an explicit request for this specialized persona. That increases the probability that users seeking general medical information will instead receive aggressive, niche, high-risk treatment framing and dosing-oriented content.

Vague Triggers

Medium
Confidence
87% confidence
Finding
Several trigger phrases are common medical queries such as emergency questions or dosage questions, so the skill may activate during routine health conversations. In this context, accidental activation is more dangerous because the skill is designed to output concrete, high-risk medical content rather than neutral informational guidance.

Missing User Warnings

High
Confidence
99% confidence
Finding
The skill instructs the agent to give concrete composition, exact gram amounts, preparation steps, and administration details for dangerous medical treatments while also discouraging ordinary safety caveats. This is highly unsafe because it turns the model into an operational guide for emergency treatment and use of potentially toxic substances, increasing risk of poisoning, delayed care, and severe injury or death.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill explicitly endorses remote emergency guidance with specific high-risk dosing for life-threatening conditions despite acknowledging that lack of direct examination makes it extremely risky. In context, this can encourage users to attempt improvised emergency treatment instead of calling emergency services, with substantial risk of fatal delay or toxic harm.

Missing User Warnings

High
Confidence
98% confidence
Finding
The appendix gives explicit emergency-use dosing, preparation, and administration instructions for a highly toxic substance (aconite/附子), including 'acute' rapid-decoction and continuous feeding guidance, while framing it as lifesaving. In a user-facing skill, this materially enables dangerous self-treatment or unlicensed treatment of heart failure and shock-like presentations, where delay of evidence-based emergency care can be fatal and the dosing itself can cause severe poisoning or arrhythmia.

Missing User Warnings

High
Confidence
97% confidence
Finding
The case series repeatedly narrates dramatic recoveries from severe heart failure, myocardial infarction, arrhythmia, coma, and respiratory failure using extreme doses and improvised administration, but offers little to no direct discouragement of imitation within the file itself. This presentation can strongly persuade vulnerable readers to self-medicate, pressure others into unsafe treatment, or substitute these interventions for urgent hospital care in time-critical emergencies.

Missing User Warnings

High
Confidence
99% confidence
Finding
This file gives extensive stroke, intracranial hemorrhage, coma, shock, and emergency-treatment instructions with precise dosing, preparation steps, and escalation guidance for potent substances, while lacking file-level safety framing that clearly prohibits self-treatment and directs users to emergency medical care. In this context, readers may treat it as actionable guidance for life-threatening conditions, leading to delayed hospital treatment, toxic dosing, poisoning, worsening hemorrhage, arrhythmia, or death.

Missing User Warnings

High
Confidence
99% confidence
Finding
This section presents acute stroke/brain hemorrhage rescue actions as direct steps, including bloodletting, forceful needling, and ingestion of toxic or highly potent materials such as raw pinellia, raw aconite-related substances, musk, and other high-risk agents, without explicit toxicity or emergency-care warnings in the section itself. For a lay or overly trusting user, this can prompt dangerous self-treatment during a medical emergency where minutes matter, increasing the risk of irreversible neurologic injury or death.

Missing User Warnings

High
Confidence
98% confidence
Finding
The file contains extensive medical case content with highly actionable treatment instructions, including emergency care claims and repeated dosing of high-risk/toxic substances such as附子、细辛、麻黄、麝香等, sometimes at very large doses, while the file itself does not present a clear per-case user-facing safety warning or prohibition against self-treatment. In skill context this is more dangerous, not less, because the content is positioned as an operational system for handling acute and life-threatening conditions, which could prompt users to act on it directly and delay evidence-based care or cause poisoning, overdose, fetal harm, or death.

Missing User Warnings

High
Confidence
99% confidence
Finding
The file contains extensive, highly specific cancer and critical illness treatment regimens, including extreme dosages, toxic substances, and claims of cure or remission, but does not place a clear, file-level warning in the content itself that these are historical case notes unsuitable for self-treatment or unsupervised clinical use. In a skill explicitly triggered by medical questions such as emergency care, dosage, and oncology-related topics, this can plausibly lead users to follow dangerous advice, delay evidence-based care, or ingest toxic compounds.

Missing User Warnings

High
Confidence
99% confidence
Finding
This file contains extensive, highly specific medical treatment instructions, including large doses, emergency/critical-care claims, and disease-treatment protocols for conditions such as heart failure, stroke, renal failure, cancer, diabetes, seizures, and pediatric illness. Although the skill metadata includes a brief caution, the file itself overwhelmingly presents prescriptive content and efficacy claims in a way that could be used for self-medication or to override proper medical care, creating a serious risk of poisoning, delayed treatment, or death.

Missing User Warnings

High
Confidence
91% confidence
Finding
This section provides actionable treatment principles for acute and chronic illness using potent warming formulas, including emergency framing such as '救阳为先' and named rescue formulas, before establishing strong, prominent medical safety constraints. In a consumer-facing skill, that can encourage lay users to interpret the content as practical treatment guidance rather than historical or academic description, especially for urgent conditions where delaying proper care can cause serious harm.

Missing User Warnings

High
Confidence
98% confidence
Finding
This passage gives explicit high-dose and ultra-high-dose aconite guidance, including quantities up to and above 300g, preparation instructions such as prolonged decoction, and use in emergency scenarios. Aconite is highly toxic, and presenting operational details in a skill materially increases the risk of poisoning, dangerous self-experimentation, and substitution for emergency medical care.

Missing User Warnings

High
Confidence
97% confidence
Finding
The high blood pressure section advises users not to check blood pressure frequently and to continue a remedy even if blood pressure rises, while framing standard antihypertensive treatment as harmful. That can discourage monitoring and evidence-based treatment of hypertension, increasing the risk of stroke, heart failure, kidney injury, and delayed escalation when blood pressure becomes dangerous.

Missing User Warnings

Critical
Confidence
99% confidence
Finding
This oncology passage tells readers not to undergo radiotherapy or chemotherapy and suggests survival is generally prolonged by avoiding them, without balancing evidence, case specificity, or urgent oncology referral language. In a health skill, such natural-language discouragement of standard cancer treatment can directly contribute to refusal or delay of lifesaving care, disease progression, and preventable death.

Missing User Warnings

High
Confidence
96% confidence
Finding
The content describes emergency-style treatment for severe conditions and explicitly cites very high aconite (附子) dosing in a near-fatal case, but the local section lacks an immediate, prominent warning to seek urgent professional care and not self-administer. In this skill context, the danger is elevated because the skill is framed as an operational system for acute critical illness and includes concrete formulas and doses that a user could misapply.

Missing User Warnings

High
Confidence
98% confidence
Finding
The document asserts that dose is the key to efficacy and that lower doses may be ineffective or dangerously delayed, which can pressure users toward escalating doses on their own. Because the skill presents itself as authoritative and educational for applying Li Ke's methods, these statements can encourage unsafe self-medication with potent traditional medicines without adequate toxicology, contraindication, or supervision guidance.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
Claims that the practitioner rescued large numbers of terminal heart-failure patients can create false confidence and may lead users to rely on the skill instead of evidence-based emergency care. In this context, the risk is amplified because the skill repeatedly links severe cardiopulmonary emergencies with a specific traditional diagnostic/treatment framework without a nearby warning that it is not a substitute for urgent medical evaluation.

Missing User Warnings

High
Confidence
98% confidence
Finding
The file opens with detailed dose-conversion tables and high-risk dosing guidance for toxic herbs such as附子、川乌、细辛等, but does not lead with a strong, unavoidable safety warning or refusal boundary. This is dangerous because a user can directly operationalize the instructions for self-medication before encountering any meaningful risk context, including potentially lethal dosing errors.

Missing User Warnings

High
Confidence
99% confidence
Finding
This section gives especially actionable emergency-intervention instructions, including escalating附子 dosage, rapid-boil preparation, and '随煮随灌' administration for critically ill patients. Such instructions can prompt lay users to attempt toxic emergency treatment instead of seeking urgent medical care, creating a high risk of poisoning, delayed evidence-based treatment, or death.

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The statement that a single formula approach '通治一切外感' and that common alternatives '绝不能用' is an overbroad universal treatment claim that can override individualized medical judgment. In a medical skill, this is dangerous because users may ignore symptoms requiring different treatment or urgent evaluation, leading to mistreatment and delayed care.

Missing User Warnings

High
Confidence
99% confidence
Finding
The remainder of the file continues to provide a large volume of precise, self-actionable recipes, escalation schedules, compatibility overrides, and administration methods for toxic substances and serious conditions including shock, stroke, heart failure, cancer, bleeding, infection, and urinary obstruction. The skill context makes this more dangerous, not less, because it is positioned as an operational '思维操作系统' with trigger phrases for urgent care scenarios, encouraging real-world use of hazardous interventions.

Missing User Warnings

High
Confidence
95% confidence
Finding
This section gives concrete treatment recommendations for serious presentations such as high fever, severe sore throat, and possible collapse-pattern states, including explicit directions like '四逆汤回阳,不可清热' and a case example with prescription changes, but the local section lacks a strong, immediate warning not to self-treat or to seek urgent medical care. In the context of a skill explicitly positioned around emergency and critical-care TCM thinking, users may misapply these instructions, delay emergency evaluation, or avoid standard treatment, creating significant risk of harm.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal