Skill Health

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for local wearable-health analysis, but it produces medical-adjacent alerts from sensitive data with limited user-facing safeguards or caveats.

Install only if you are comfortable giving the skill access to wearable health exports and storing derived JSON reports locally. Treat alerts such as possible illness, possible sleep apnea, or burnout as wellness signals, not medical advice, and use a dedicated input/output folder rather than broad or sensitive filesystem locations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill documentation instructs users to run local Python scripts against user-supplied ZIPs/folders and to write outputs, which implies file read/write capability, yet no permissions are declared. This creates a transparency and policy gap: operators may grant or assume broader filesystem access than expected, and health data is sensitive, so undeclared access increases privacy and misuse risk.

Missing User Warnings

Medium
Confidence: 87%
Finding: This code generates sensitive health inferences such as 'pre-illness', 'possible sleep apnea', and 'burnout' from wearable data without any in-file indication of consent checks, user disclosure, uncertainty language controls, or gating for medical-style conclusions. In a health-analysis skill, these outputs can materially affect user decisions and expose highly sensitive inferred health information, so the lack of warning and safeguards is a real privacy and safety issue even though it is not a classic code execution risk.

VirusTotal

66/66 vendors flagged this skill as clean.
