ClawHub

Biochemistry and Molecular Biology-PMPH-10edition

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only medical and biochemistry skill collection, but some skills give high-risk clinical, genetic, forensic, and wet-lab guidance without enough per-skill safeguards.

Install only if you want educational biochemistry and molecular-biology reference material and can keep medical, genetic, forensic, and wet-lab outputs under qualified human oversight. Do not use it as the sole basis for diagnosis, treatment, gene therapy design, forensic conclusions, or laboratory work involving hazardous chemicals or genetic manipulation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The skill explicitly claims it can '制定并实施' individualized gene therapy for cancer, cardiovascular disease, and diabetes, crossing from educational content into real-world clinical intervention guidance. In this context, that is dangerous because gene therapy is a high-risk, specialist, tightly regulated medical domain, and presenting the skill as implementation-capable may encourage unsafe reliance or misuse without proper clinical governance.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The skill explicitly requires adherence to a specific political/ideological framework ('习近平新时代中国特色社会主义思想“三进”') as part of its prescribed output, without any user opt-in, locale gating, or indication that this content is mandatory only in a narrow regulatory context. This can bias responses, reduce neutrality, and cause the agent to inject ideology into educational assistance even when the user's task is pedagogical or editorial rather than political.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill explicitly supports molecular staging, diagnostic interpretation, and targeted intervention design for colon lesions, but it provides no clear limitation that outputs are educational or decision-support only and must be validated by qualified clinicians. In a medical context, users may over-trust the stage mapping and gene-order model to make real diagnostic or treatment decisions, which can lead to misdiagnosis, inappropriate therapy selection, or delayed care, especially because the model is simplified and not universally applicable.

Missing User Warnings

High
Confidence
99% confidence
Finding
The execution steps provide actionable high-risk intervention guidance, including gene interference, tumor suppressor delivery, cytokine gene transfer, and suicide gene therapy, but include no warning, contraindication framework beyond basic feasibility, or requirement for medical oversight. In a biochemistry education skill, this omission materially increases risk because users may interpret the content as operational treatment advice for serious diseases.

Vague Triggers

Medium
Confidence
89% confidence
Finding
This skill is triggered by broadly defined blood-glucose values and common symptoms such as dizziness, palpitations, fatigue, or confusion, but it does not define exclusion conditions, triage boundaries, or clear instructions to escalate to emergency care. In a medical context, this can cause the agent to overconfidently provide condition-specific guidance for nonspecific symptoms, potentially delaying urgent evaluation for other dangerous causes or prompting unsafe self-management advice.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The index advertises multiple skills that provide clinical assessment, diagnostic interpretation, and intervention-oriented guidance, but it does not present a clear medical disclaimer or escalation guidance. In a medical/biochemistry educational skill collection, users may still rely on outputs as actionable health advice, creating risk of unsafe self-diagnosis, delayed care, or inappropriate treatment decisions.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The file lists capabilities involving genetic analysis and DNA fingerprinting/forensic identification without any warning about consent, privacy, lawful use, or handling of sensitive genetic data. Because genetic and forensic outputs can affect identity, family relationships, and legal matters, omission of these safeguards increases the chance of misuse or inappropriate processing of highly sensitive information.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to use chloroform as a mobile phase but provides no warning about its toxicity, volatility, inhalation risk, or need for fume-hood/PPE handling. In a laboratory-procedure skill, omitting basic hazardous-chemical safety guidance can lead users to perform the procedure unsafely, increasing risk of chemical exposure and harm.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill provides actionable recombinant DNA construction steps, including vector choice, restriction digestion, ligation, transformation/transfection, antibiotic selection, and expression, without any biosafety, regulatory, institutional oversight, or access-control warnings. In a life-sciences skill, omission of these guardrails increases the risk of enabling unreviewed wet-lab genetic manipulation, especially when viral vectors, antibiotic resistance markers, and expression in host cells are mentioned.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes a clinical-adjacent whole-exome sequencing workflow and outputs candidate pathogenic variants, but it omits warnings about handling highly sensitive genetic data, privacy obligations, consent, and the limits of using results for diagnosis. In this context, users may over-trust the output for clinical decision-making or mishandle regulated genomic data, creating meaningful privacy, safety, and compliance risk.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal