Medication Manager

Security checks across malware telemetry and agentic risk

Overview

This medication skill fits its purpose, but it needs review because it stores sensitive family health records in plain local files and can send medication reminders through third-party notification services without strong privacy warnings.

Review this before installing if you will store real medical information. Use a private encrypted directory with restrictive permissions, avoid shared or synced folders unless trusted, keep backups protected, delete old photos/logs when no longer needed, and configure reminders with generic or redacted text. Verify every webhook, email, and chat recipient before enabling reminders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding
The webhook section provides a generic pattern for POSTing medication reminder content to arbitrary URLs, which expands the skill from file-based record management into unrestricted outbound network communication. In a medication-management context, this can expose sensitive health data to attacker-controlled endpoints or enable data exfiltration if webhook URLs are maliciously supplied or insufficiently validated.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README encourages configuring webhook and email reminders for medication events but does not clearly warn that protected health-related information may be sent to third-party services outside the local file store. In this skill's context, reminder content can reveal medications, conditions, schedules, and family member identities, creating a real privacy and compliance risk if users assume the system is fully local and private.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs the agent to collect and store highly sensitive health data for multiple family members, including allergies, chronic conditions, medication history, and children's weight, but it does not require an explicit privacy warning or informed consent before local persistence. In a family-medication context, this raises meaningful confidentiality risk because local markdown files and media archives may be readable by other users, backups, logs, or host processes.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill asks users to provide webhook URLs and mandates sending test notifications, but it does not warn that medication names, schedules, or health-related reminders may be transmitted to third-party services outside the local environment. Because this workflow handles medical information, sending test messages or routine reminders through external platforms can expose sensitive data to service providers, misconfigured endpoints, or unintended recipients.

Missing User Warnings

Medium
Confidence: 95%
Finding
The setup guide instructs collection of highly sensitive personal and health data, including allergies, birth dates, weight, and chronic conditions, and stores them in local markdown files without any privacy, access control, encryption, retention, or sharing warning. In a family medication-management context, this creates a real confidentiality and safety risk because exposure of or tampering with these records could lead to both privacy harm and incorrect medication decisions.

Missing User Warnings

Medium
Confidence: 93%
Finding
The file explicitly recommends storing highly sensitive health and personal data, including family member details, prescriptions, medication history, and media photos, in plain file-based markdown storage without any mention of encryption, access control, minimization, or retention safeguards. In the context of a family medication manager, this increases the risk of unauthorized disclosure of medical information and personal identifiers if the filesystem, backups, sync service, or host device is compromised.

VirusTotal

67/67 vendors flagged this skill as clean.
