BestYou Coach Dashboards

Security checks across malware telemetry and agentic risk

Overview

This is a coherent BestYou health-dashboard skill, but it handles sensitive health data and a persistent API key that users should protect carefully.

Install only if you trust BestYou and mcporter. Treat the BestYou API key like a password: keep the config private, avoid syncing or committing it, restrict file access where possible, and revoke or rotate the key if exposed. Be cautious on shared machines, and ask for confirmation before using write-capable nutrition or workout actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (12)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to execute local shell commands and even install software (`npm install -g mcporter`) as part of normal operation, despite the skill’s stated role being dashboard rendering. Expanding from presentation into host-side package management increases attack surface, enables unintended system changes, and could be abused to run untrusted tooling or alter the local environment without clear necessity.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill directs creation or modification of a local config file containing a Bearer API key, which exceeds a rendering skill’s scope and encourages persistent credential handling on disk. This can expose secrets through filesystem leakage, backups, logs, or later compromise of the local workspace, especially because the file is tied to future automated tool execution.

Context-Inappropriate Capability

Low
Confidence
94% confidence
Finding
The stylesheet imports Google Fonts from a third-party domain, which causes client devices rendering the dashboard to make outbound network requests unrelated to core health-data visualization. This leaks metadata such as IP address, user agent, timing, and possibly referrer context to Google, expanding the skill's external data exposure surface beyond what is necessary for local styling.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The installation guide includes very broad trigger phrases such as 'What's my day look like?' and 'How am I doing?' that are common in normal conversation. In an agent ecosystem, overly generic invocation examples can cause accidental routing to this skill and unintended access to health-related functionality or data when the user did not explicitly mean to invoke it.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This guide instructs users to connect a live health-data API and verify account link status, but it does not provide a clear privacy warning, data-sensitivity notice, or guidance on safe handling of medical/wellness information. Because the skill processes personal health information, missing disclosure and consent-oriented guidance increases the risk of users exposing sensitive data without understanding retention, sharing, or display implications.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill handles a sensitive API key and tells the operator to place it into configuration without any warning about secure storage, scope, rotation, or exposure risks. Because the key grants access to a health-data service, poor credential hygiene could lead to unauthorized access to personal data or misuse of the linked account.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill describes sending BestYou health data through MCP tools and rendering responses, but it does not disclose that sensitive personal health information may be transmitted to external services or local tools. In the health context, missing privacy and data-transmission notice is more serious because users may not realize their wellness, meal, and workout data is being processed outside the immediate chat context.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The page provides health and diet-oriented analysis and prescriptive guidance such as protein adequacy, micronutrient benefits, recovery support, and recommended food substitutions, but it does not disclose that the content is informational rather than medical or dietary advice. In a health coaching skill, users may reasonably rely on these recommendations as personalized guidance, increasing the risk of harm for people with medical conditions, allergies, eating disorders, or specialized dietary needs.

Missing User Warnings

Low
Confidence
95% confidence
Finding
Loading an external font from fonts.googleapis.com results in a browser request to a third party whenever the UI is rendered, which can expose user/system metadata without any in-file disclosure or necessity for the skill's primary function. In a health-focused dashboard context, even indirect third-party requests are more sensitive because they occur alongside potentially privacy-sensitive usage patterns.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The workout prescribes specific loads, reps, and an intermediate difficulty level without any visible warning that the plan may not be appropriate for all users or that weights should be adjusted based on ability, injury status, and medical conditions. In a health and fitness coaching skill, this can lead users to overexert themselves or perform unsuitable movements, increasing the risk of strain or injury.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The setup guide instructs the user to paste a live API key into a local JSON config file and provides no warning that this creates a persistent plaintext credential on disk. If the workstation, home directory, backups, logs, or repo sync are compromised or shared, the token could be recovered and used to access the user's BestYou data.

Session Persistence

Medium
Category
Rogue Agent
Content
Key format: `by_mcp_live_...`

### 2. Create the mcporter config

Write the config file at `~/.openclaw/workspace/config/mcporter.json`:
Confidence
91% confidence
Finding
Create the mcporter config Write the config file at `~/.openclaw/workspace/config/mcporter.json`: ```json { "mcpServers": { "bestyou": { "baseUrl": "https://mcp.bestyou.ai/mcp", "h

VirusTotal

66/66 vendors flagged this skill as clean.
