ClawHub

NutriGx Advisor

Security checks across malware telemetry and agentic risk

Overview

This skill does not show exfiltration or hidden malware, but it handles genetic data and writes sensitive health/genotype outputs with under-disclosed privacy and safety risks.

Install only if you are comfortable processing genetic data locally and storing derived genotype and health reports on disk. Use a private non-synced output folder, review generated files before sharing, do not treat recommendations as medical advice, and do not run commands.sh unless you have checked or fixed shell quoting for all paths and arguments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The privacy statement is materially overstated: although the report may omit genotype strings, the documented reproducibility bundle includes `commands.sh`, `checksums.txt`, and provenance artifacts that can reveal raw input filenames, stable identifiers, and persistent fingerprints of the user's genetic dataset. For highly sensitive genomic data, misleading users into believing outputs contain no identifying or genotype-adjacent traces increases the risk of accidental disclosure, sharing, and unsafe retention.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The file explicitly disclaims medical advice, but the body provides individualized-seeming health guidance such as target biomarker levels, supplement suggestions, dosage-style limits, and nutrient interventions based on genetic markers. This mismatch can cause users to over-trust the output as actionable clinical guidance despite the disclaimer, increasing the chance of unsafe self-treatment or delayed professional care.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger phrases are broad enough to match generic nutrition queries such as folate, vitamin D, gluten, or diet genetics, which can cause the orchestrator to invoke a genomics-processing skill when the user did not intend to analyze DNA data. In this context, unintended routing is a security and privacy issue because it can prompt for or process highly sensitive genetic information under ambiguous user intent.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill prominently advertises local processing and outputs for consumer genetic data but does not foreground that genomic data is uniquely sensitive, potentially identifying, and that derived artifacts may persist on disk. In the context of nutrigenomics, insufficient warning can lead users to upload or analyze DNA files without informed consent about storage, sharing, and downstream exposure of outputs and metadata.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The recommendation includes concrete medical-style actions such as maintaining 25(OH)D above a specific threshold and advising D3+K2 co-supplementation, but it does not include localized warnings about contraindications, drug interactions, dosing risks, or the need for clinician supervision. In a genetics-based nutrition report, users may interpret these statements as safe personalized treatment advice, creating risk of inappropriate supplementation or harm in people with relevant conditions.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This function writes a personalised genetic nutrition report to disk (`nutrigx_report.md`) without any access controls, encryption, consent check, or prominent handling warning at the point of persistence. Because the report contains sensitive health/genetic inferences and can also generate related figures on disk, unintended local disclosure is plausible through shared machines, backups, logs, synced folders, or misconfigured output paths.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This skill explicitly processes highly sensitive genetic data and generates reports and reproducibility artifacts, but it provides no user-facing warning, consent prompt, or guidance about the privacy implications of handling genomic information. In this context, the omission is security-relevant because users may unknowingly expose permanent, uniquely identifying health-related data in local output directories, bundles, logs, or shared environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal