Precision Oncology

Security checks across malware telemetry and agentic risk

Overview

This oncology research skill is mostly coherent, but it handles a PatSnap API key and external queries in ways users should review before installing.

Install only if you intend to use PatSnap LifeScience MCP services. Treat the PatSnap API key as sensitive, verify the endpoint, prefer a safer secret-handling method if available, and avoid entering patient identifiers, confidential clinical details, proprietary project names, or private R&D strategy unless your organization approves sending that data to PatSnap and any fallback search provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 78%
Finding
The activation triggers are broad enough that the skill could load for many generic health or biology queries, causing unnecessary connection to external MCP services and use of a high-privilege domain workflow. In this context, overbroad activation increases the chance of unintended data sharing to third-party services and inappropriate medical/business analysis behavior outside the user's intent.

Missing User Warnings

Medium
Confidence: 95%
Finding
The setup example places the API key directly in an HTTP URL, which is commonly captured in shell history, logs, process listings, telemetry, proxy logs, and server access logs. Because this skill connects to external commercial data services, accidental credential exposure could allow unauthorized use of the account and access to sensitive proprietary data or billable resources.

Missing User Warnings

Low
Confidence: 70%
Finding
The mandatory connectivity probe sends a query to an external MCP service before handling the user's actual request, but the skill gives no privacy notice or consent boundary. Even though the probe example uses a fixed public target (EGFR), it normalizes silent outbound transmission to a third-party service and can surprise users in regulated biomedical environments.

VirusTotal

60/60 vendors flagged this skill as clean.
