CareMax Members

Security checks across malware telemetry and agentic risk

Overview

This skill appears legitimate, but it can access sensitive family health records and automatically starts an external authentication flow without clear user confirmation.

Review before installing. Only use this if you trust the separate caremax-auth package, understand how it stores credentials, and are authorized to access each family member's health records. Confirm the intended family member before retrieving or showing non-default medical data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger list includes broad phrases like 'family member', 'my family', and relationship-based health terms that can match ordinary conversation and cause the skill to activate in contexts the user did not clearly intend. Because this skill can enumerate members and scope requests to another person's health data, over-broad activation increases the risk of unnecessary exposure of sensitive family health information.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly supports listing family members and retrieving indicators and records for a specified memberId, including spouse, child, or parent data, but provides no user-facing privacy warning, consent check, or relationship/authorization validation guidance. In a health context, this creates a significant risk of exposing highly sensitive medical information about another person through ambiguous or overly broad requests.

VirusTotal

63/63 vendors flagged this skill as clean.
