ClawBio Orchestrator

Security checks across malware telemetry and agentic risk

Overview

This bioinformatics routing skill is coherent and local, but its reports and audit logs may contain sensitive project details.

Install only if you are comfortable with a local bioinformatics orchestrator that may route work to other skills and write reports, checksums, commands, file paths, and audit logs. Use a dedicated working directory, review plans before approving multi-step or networked analyses, and keep generated logs private for sensitive genomic or biomedical projects.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill explicitly instructs the agent to verify files, execute sub-skills, append audit logs, and produce reproducibility artifacts, which implies file-write capability and likely external/networked operations, yet no permissions are declared. This mismatch can cause the platform or user to underestimate what the skill may do, weakening security review and consent boundaries.

Missing User Warnings

Low

Confidence: 82% confidence
Finding: The audit log persists raw user-supplied input to disk without sanitization, minimization, or clear disclosure. In a bioinformatics context, inputs may contain sensitive sample identifiers, study names, filesystem paths, or natural-language queries with confidential data, so silent logging can create unintended data exposure and retention risks.

Ssd 3

Medium

Confidence: 92% confidence
Finding: The instruction to append every action to analysis_log.md creates a persistent audit trail that can easily capture sensitive biomedical inputs, file paths, commands, parameters, and potentially genomic identifiers in plain text. In a bioinformatics context, such logs may retain highly sensitive data far beyond the active session and become a secondary disclosure source.

Ssd 3

Medium

Confidence: 95% confidence
Finding: The 'Log everything' directive broadens the risk by explicitly requiring exhaustive recording of every command and every file read or written, which is disproportionate for workflows involving genomic and clinical-adjacent data. Comprehensive logs can expose sensitive sample names, dataset structure, credentials embedded in commands, and private research data even if the main analysis output is handled safely.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal