CareMax Indicators

Security checks across malware telemetry and agentic risk

Overview

The skill appears to support legitimate CareMax health tracking, but it needs review because it can read and write sensitive health records through external auth scripts with broad triggers and limited pre-action consent guidance.

Install only if you trust the separate caremax-auth scripts and are comfortable letting an agent access CareMax health indicators. Before use, confirm which profile is being accessed, require confirmation before saving any reading, and verify where OAuth tokens are stored and how to revoke access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium (89% confidence)
Finding
The trigger list contains broad everyday terms such as 'trend', 'quick log', 'daily vitals', and common body metrics, which can cause the skill to activate in conversations that are not clearly asking to use this specific health API workflow. In a health-data skill, unintended invocation is more sensitive because it may lead the agent to fetch or log personal medical information when the user did not explicitly intend that action.

VirusTotal

65/65 vendors flagged this skill as clean.
