ClawHub

Meal Suggester

Security checks across malware telemetry and agentic risk

Overview

This skill is a local meal-planning helper that keeps pantry and preference notes, with no evidence of hidden data theft, destructive behavior, or unrelated authority.

Install only if you are comfortable with a meal helper storing and updating local markdown notes about pantry contents, preferences, allergies, meal history, and shopping suggestions. Consider asking the agent to preview and confirm inventory changes before writing them, and review or disable any cron schedule unless you want daily suggestions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README states that the skill will automatically update persistent files such as inventory and history based on conversational input, but it does not clearly warn users that their data will be stored and modified on disk. This creates a real safety and privacy issue because users may disclose household habits, food preferences, or allergy-related information without informed consent, and incorrect automatic writes could also corrupt the tracked state.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
Automatic stock tracking and shopping-list generation imply ongoing collection and derivation of behavioral data about the household, yet the README gives no privacy, retention, or transparency warning. In context, this is not remote code execution or a severe exploit, but it is a genuine privacy-design weakness because it normalizes silent accumulation of personal lifestyle data.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The skill states that a casual natural-language message will 'automatically update' stock data, but it does not warn the user that persistent files will be modified. This can lead to unintended state changes, silent corruption of inventory records, or manipulation through ambiguous input because users are not prompted to confirm writes.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The workflow description says stock updates automatically and the shopping list 'builds itself,' again implying persistent data changes without an explicit approval step. In context, this is more dangerous because the skill maintains household state across multiple files, so a mistaken or adversarial prompt could propagate bad data into inventory and purchasing suggestions.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal