ClawHub

Pathophysiology-PMPH-10edition

Security checks across malware telemetry and agentic risk

Overview

This markdown-only medical education skill is not malware, but it needs review because several skills give direct high-risk clinical procedure and treatment guidance without enough per-skill safety boundaries.

Install only if you intend to use it as educational or clinician-reviewed reference material. Do not use it for self-treatment, emergency decisions, brain-death determination, withdrawal of life support, drug administration, dialysis decisions, vasoactive therapy, or invasive support decisions without qualified medical oversight, current official guidelines, and local institutional protocols.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (18)

Missing User Warnings

High
Confidence
96% confidence
Finding
This is a true safety vulnerability because the skill gives operational guidance for brain-death determination, extubation/apnea observation, withdrawal of life support, and organ-donation triggering without an explicit, prominent warning that it is not a standalone decision tool and must only be used by qualified clinicians under institution-specific and jurisdiction-specific protocols. In this context, omissions are especially dangerous: brain-death assessment is legally, ethically, and medically high stakes, and incorrect use could contribute to premature withdrawal of support or invalid death determination.

Missing User Warnings

High
Confidence
98% confidence
Finding
This skill provides actionable medical intervention instructions for controlled reperfusion, including pressure, temperature, and electrolyte manipulation, but omits any warning that the procedure is high-risk, expert-only, and potentially harmful if misapplied. Because incorrect perfusion pressure or ionic composition can directly injure organs or patients, the lack of safety framing materially increases the chance of unsafe use outside appropriate clinical settings.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill gives concrete DIC treatment recommendations, including anticoagulation, coagulation factor replacement, and platelet transfusion, without an explicit statement that it is only decision support and must not replace clinician judgment or local protocol. In a high-acuity condition like DIC, users may over-rely on the guidance despite incomplete data, contraindications, or alternate diagnoses, increasing the risk of inappropriate treatment and patient harm.

Missing User Warnings

High
Confidence
98% confidence
Finding
This skill gives actionable medical triage guidance about whether to allow fever to continue or actively reduce it, including thresholds such as ≤40℃ and >41℃, without warning that it is not a substitute for clinician evaluation or emergency care. In the medical context, users may rely on this guidance for self-management, which can delay treatment for sepsis, CNS infection, heat-related injury, vulnerable populations, or other causes of dangerous fever.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill gives actionable, immediate treatment guidance for real patients, including drug-based antipyretic intervention and language such as '立即执行', without a clear boundary that the content is educational only and must not be autonomously applied. In a clinical context, this can cause unsafe treatment selection, delay diagnosis, or inappropriate medication use because dosing, contraindications, age-specific restrictions, and cause of fever are not fully specified.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill gives concrete emergency-treatment steps for symptomatic hypermagnesemia, including IV calcium administration, loop diuretics, and dialysis escalation, but does not explicitly state that these are clinician-only interventions requiring urgent medical supervision and patient-specific monitoring. In a general-purpose agent setting, this creates a risk that a non-clinician or insufficiently supervised user could act on the instructions directly, causing medication, dosing, or triage harm in a time-critical scenario.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This skill gives directive medical guidance to 'urgently replace sodium' and assess shock risk without any guardrails about clinician oversight, emergency escalation, treatment thresholds, or the dangers of overly rapid sodium correction. In a medical context, such omissions can contribute to inappropriate self-management or unsafe agent recommendations, potentially causing serious patient harm including neurologic injury or delayed emergency care.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This index advertises numerous clinical assessment and intervention skills involving shock, respiratory failure, electrolyte emergencies, brain death, and emergency management, but it provides no overarching safety disclaimer that the content is educational and not a substitute for licensed medical judgment. In a medical skill catalog, that omission increases the risk that a user may treat the system as authoritative for urgent real-world decisions, leading to delayed care or unsafe self-management.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill provides concrete pharmacologic and biologic intervention steps for ischemia-reperfusion injury, including NSAIDs, prostacyclin, antioxidant agents, enzymes, and monoclonal antibodies, but does not state that these require clinician oversight, patient-specific assessment, dosing validation, contraindication review, or monitoring. In a clinical context, users could treat this as actionable medical guidance and apply inappropriate or unsafe therapies, creating significant patient safety risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill gives treatment-oriented guidance such as considering levodopa use and restricting aromatic amino acid intake without an explicit warning that the content is educational and not a substitute for clinician judgment. In a medical skill about hepatic encephalopathy, users may misapply outdated or incomplete recommendations, which could influence patient care and delay appropriate evaluation and evidence-based management.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill includes specific medication recommendations and treatment preferences for metabolic abnormalities without a prominent warning that the information is general educational content rather than individualized medical advice. In a health-related agent skill, users may act on these recommendations without clinician supervision, creating risk of contraindications, dosing errors, drug interactions, or inappropriate therapy selection, especially in patients with renal, hepatic, cardiovascular, or pregnancy-related considerations.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill gives medication-selection guidance for critically ill MODS patients, including choosing vasoactive and inotropic agents based on hemodynamic interpretation, but does not state that this is only clinical decision support for qualified professionals. In a high-acuity setting, incomplete or overconfident guidance can be mistaken for definitive treatment advice, creating a meaningful risk of patient harm from inappropriate drug choice, delayed escalation, or use outside the stated exclusions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill gives concrete clinical intervention suggestions such as correcting pH, adjusting potassium, improving myocardial perfusion, and considering beta-receptor modulation, but does not state that the content is educational only or require clinician judgment. In a medical context, omission of safety framing can encourage overreliance on simplified guidance for diagnosis or treatment decisions, increasing the risk of harmful misuse.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill gives actionable instructions for intentionally inducing ischemia/reperfusion, including cuff-based remote ischemic preconditioning and organ-targeted ischemic cycles, but does not clearly require clinician authorization, monitoring, contraindication screening, or emergency readiness. Because these are high-risk medical interventions that can worsen tissue injury, delay urgent care, or cause harm if applied by untrained users or in inappropriate patients, the omission creates a real safety vulnerability.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill gives concrete, high-risk emergency medical instructions including insulin/glucose, IV calcium, resin use, and dialysis escalation criteria, but it does not clearly state that it is only for qualified clinicians operating under physician oversight and local protocols. In a medical-emergency context, omission of that warning increases the chance of misuse by unqualified users or unsafe application without checking contraindications, dosing standards, monitoring requirements, or institutional guidance.

Missing User Warnings

High
Confidence
98% confidence
Finding
This skill gives concrete vasoactive treatment guidance for septic shock, including when to use inotropes or vasoconstrictors, but does not explicitly warn that this is high-risk medical content requiring qualified clinician oversight and individualized assessment. In the context of septic shock, simplified treatment rules can be misapplied to unstable patients with mixed shock states, incomplete resuscitation, cardiac dysfunction, or contraindications, potentially causing serious harm or death.

Missing User Warnings

High
Confidence
97% confidence
Finding
This skill provides psychiatric classification guidance for ASD, PTSD, and adjustment disorder in a way that could be interpreted as actionable diagnosis, yet it does not clearly state that it is informational only and not a substitute for licensed mental health evaluation. In a mental health context, users may rely on the output to self-diagnose or delay urgent professional care, especially where symptoms could overlap with psychosis, suicidality, substance effects, or organic disease.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill gives concrete medical treatment guidance for heart failure, including prescription drugs with significant risks and invasive interventions such as IABP, ECMO, ventricular assist devices, and transplant consideration, but it does not clearly state that the content is informational only and must be used solely under qualified clinician oversight. In this context, omission of a strong safety boundary is dangerous because users may treat the skill as actionable clinical direction, creating risk of serious harm from inappropriate drug selection, dosing context loss, contraindication neglect, or unsafe escalation to device-based care.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal