Healthcare Chatbot Pro

Security checks across malware telemetry and agentic risk

Overview

This healthcare chatbot skill is not malware, but it asks for sensitive patient-system access and logging without enough clear limits for real clinical use.

Review carefully before installing in any real clinic or patient workflow. Use test credentials first, require HIPAA/BAA review for every provider, separate EMR read and write scopes, require explicit patient consent before storing or transmitting PHI, and keep human approval on EMR writes, outbound patient messages, billing answers, and appointment changes until validated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly says conversations will be logged for compliance and quality assurance, but it does not present a clear, prominent user-facing notice or consent flow before collecting and retaining sensitive healthcare communications. In a healthcare context, conversation logs may contain PHI, so undisclosed logging materially increases privacy, regulatory, and trust risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill advertises EMR read/write capabilities, patient history access, insurance verification, and clinical note interaction without a prominent warning that sensitive medical records may be accessed or modified. Because this is a healthcare support bot, insufficient disclosure and consent around EMR operations could lead to unauthorized access, improper data handling, or accidental modification of protected records.

VirusTotal

VirusTotal findings are pending for this skill version.
