NutriGx Advisor

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches its stated local genetic-nutrition purpose, but it generates a reproducibility shell script with unescaped user-controlled paths that could run unintended commands if the script is later executed.

Use this only with genetic files you are comfortable processing locally, store the output directory securely, and avoid running the generated commands.sh until the command arguments have been safely quoted or manually reviewed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A maliciously named file or path could turn the generated reproduction script into a command-execution risk if you run it.

Why it was flagged

Input, output, panel, and other argument values are inserted into a shell script without quoting or escaping. If a path contains shell metacharacters and the user later runs commands.sh, unintended commands could execute.

Skill content
cmd_args = " ".join(f"--{k.replace('_', '-')} {v}" for k, v in args.items() if v and k != "synthetic") ... python nutrigx_advisor.py {cmd_args}
Recommendation

Do not run generated commands.sh from untrusted inputs until arguments are shell-quoted safely; prefer regenerating commands manually or updating the code to use shlex.quote for all shell arguments.

What this means

The output files may reveal sensitive genetic traits and health-related interpretations to anyone who can access the output directory.

Why it was flagged

The report includes per-SNP genotype calls and derived nutritional risk interpretations, which are sensitive genetic-derived data stored in the output report.

Skill content
f"| {s['gene']} | {s['rsid']} | `{s['genotype']}` " f"| {s['risk_count']}/2 | {effect} |"
Recommendation

Save outputs only in a private location, avoid sharing the report unless intended, and delete generated reports when no longer needed.

What this means

Running the generated environment setup may install third-party packages onto your machine.

Why it was flagged

The generated reproduction environment can install external packages from conda and pip. This is not automatically executed, but it is a supply-chain surface users should review.

Skill content
channels:
  - conda-forge
  - defaults
dependencies:
  - python=3.11
  - numpy>=1.26
  - pandas>=2.2
  - matplotlib>=3.8
  - seaborn>=0.13
  - pip
  - pip:
    - clawbio==0.1.0
Recommendation

Review environment.yml before running conda or pip commands, and use a disposable environment for reproducibility.