ClawHub

Hybrid training plan

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Hybrid Training Plan account integration that reads and updates workout data using a user-provided API key.

Install this only if you want an agent to access your Hybrid Training Plan account. Use a dedicated revocable API key, keep HYBRID_API_URL at the default unless you trust another server, and confirm dates, plan IDs, session IDs, weights, and log details before asking the agent to modify your plan.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill invokes shell commands (`scripts/htp.sh`, `curl`, `jq`) and performs live API operations, but it does not declare explicit permissions or capability boundaries. This weakens the trust model for agents and users, increasing the chance that the skill executes account-affecting actions without appropriate review or sandboxing.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill is described as helping users view and manage training plans and workout logs, but the bundled API reference also exposes API key lifecycle endpoints. That unnecessarily expands the reachable capability set into credential management, which is sensitive and not required for the stated user task; in an agent setting, this increases the chance of secret creation, disclosure, or revocation through prompt abuse or tool misuse.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The activation text is broad enough to match many normal fitness conversations, such as general training questions or workout logging requests, without clearly distinguishing between informational help and actions on a real account. In context, that makes accidental invocation more likely and could lead to unintended reads or writes against the user's training data.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documents multiple authenticated, state-changing operations against a remote service, including logging sessions, completing or skipping days, and updating 1RMs, but it does not warn that data will be transmitted to hybridtrainingplan.app or that these actions modify the user's account. In this context, the omission is more dangerous because the service stores personal training history and the commands can permanently alter records.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal