ClawHub

Pharmgx Reporter

Security checks across malware telemetry and agentic risk

Overview

This is a local genetic-data report generator with important privacy and medical-safety cautions, but I found no hidden access, exfiltration, persistence, or destructive behavior.

Install only if you trust the source and intend to process sensitive genetic data locally. Use a private input and output location, avoid shared or synced folders unless appropriate, delete reports when no longer needed, quote file paths before copy-running any reproducibility command, and do not make medication or dose decisions from the report without a qualified healthcare professional and confirmatory clinical-grade testing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill declares no permissions, but its documented behavior and usage clearly require reading user-provided genetic files and writing a report. This creates a security and governance gap: operators may approve or sandbox the skill under incorrect assumptions, while the runtime still handles sensitive genomic data and writes output files. In this context, the issue is more serious because the input is highly sensitive health/genetic information, even though file I/O is expected for the skill’s function.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The report presents detailed genotype-derived drug recommendations, including 'AVOID' and dose-adjustment guidance, before any strong, prominent warning that the content is sensitive health data and not appropriate for treatment decisions without clinician review. Although a disclaimer exists later in the document, it is easy for users to act on the recommendations first, which is especially risky given the stated simplified DTC-compatible allele calling and non-clinical validation limitations.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This tool processes raw direct-to-consumer genetic data and generates a persistent pharmacogenomic report containing inferred medication-response information, then writes it to disk by default without any consent flow, privacy warning, retention control, or output protection. In this context, the data is exceptionally sensitive health/genetic information, so silent local persistence materially increases the risk of unauthorized disclosure through shared machines, backups, synced folders, or later exfiltration by other software.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal