Skill v1.0.0
ClawScan security
Health Data Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 9, 2026, 6:00 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and runtime instructions are coherent with its stated purpose (using the mcporter CLI to query a healthdata MCP server for sleep/exercise/recovery data), but it will access highly sensitive personal health and account data — only install if you trust the local mcporter installation and the MCP server.
- Guidance: This skill appears to do what its description says — it calls the local mcporter CLI to query a healthdata MCP server and analyze sleep/exercise/recovery metrics. Key things to consider before installing:
  - Sensitive data: the skill will query tables containing PII and health data (emails, user IDs, HRV, SPO2, sleep stages). Only enable it if you trust the MCP server and agree that this data may be accessed.
  - Implicit auth: the skill doesn't request credentials because it relies on the system's mcporter configuration; review mcporter's auth/config to ensure it has least-privilege access.
  - Local trust: scripts call the mcporter binary and jq; ensure mcporter on your system is the expected binary (not a malicious replacement) and run check_status.sh in a controlled environment first.
  - Injection/command risk: the Python code builds mcporter CLI arguments and passes them to subprocess.run without a shell (lower risk), but inputs should still be validated by the caller — avoid passing untrusted arbitrary strings into query parameters.

  If you need stronger assurance, ask the publisher for the service endpoint and authentication model, or run the scripts in a sandboxed environment and inspect mcporter configuration and server ACLs before granting access.
Review Dimensions
- Purpose & Capability: ok. The name/description (health data analysis) match the SKILL.md and the bundled scripts: both the shell script and Python script invoke the mcporter CLI to list tables, get schemas, and query table data from a 'healthdata' MCP server. There are no unrelated dependencies, credentials, or install steps requested that don't fit the stated purpose.
- Instruction Scope: note. SKILL.md explicitly instructs the agent to list tables, fetch schemas, and query table data — exactly what a health-data analyzer should do. However, the documented and code-accessed tables include 'users' and fields such as email/external_id and many health indicators (HRV, SPO2, sleep stages). That means the skill will access PII and sensitive health data (PHI). The instructions do not direct data to any external endpoint beyond the mcporter/healthdata service.
- Install Mechanism: ok. There is no install spec (instruction-only), and included files are local scripts. Nothing is downloaded from external URLs or extracted. Risk from the install mechanism is low — code will only be written from the provided bundle.
- Credentials: note. The skill declares no required environment variables or credentials, which is coherent if mcporter handles auth via its own configuration. This can be surprising: the skill will operate with whatever permissions mcporter (and the host) already have, and can therefore access full user records and sensitive health metrics. Ensure mcporter's credentials/config are appropriately scoped before allowing the skill to run.
- Persistence & Privilege: ok. 'always' is false and the skill does not request persistent system privileges or modify other skills. It runs on-demand code (shell script and Python) and does not attempt to change agent-wide settings.
