Security audit

ECG-AI-Diagnosis

Security checks across malware telemetry and agentic risk

Overview

This skill openly sends a user-selected ECG JSON file to Heartvoice's cloud API for analysis, so the main risk is medical-data privacy rather than hidden behavior.

Install only if you are comfortable sending ECG/health data to Heartvoice's external cloud service. Use it with explicit user or patient awareness, review the vendor's privacy and retention terms for real medical data, and keep HEARTVOICE_API_KEY in an environment variable rather than in code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding
The skill performs sensitive actions—reading a user-specified local file, accessing an API key from the environment, and transmitting ECG data to a third-party cloud API—yet the metadata declares no explicit permissions. This creates a transparency and governance gap: an agent or user may invoke the skill without clear awareness that local medical data and credentials are involved, increasing the chance of unintended disclosure.

Missing User Warnings

Medium
Confidence: 94%
Finding
The script sends raw ECG payloads to a third-party cloud API, but it provides no explicit runtime disclosure or consent mechanism informing users that sensitive health data leaves the local environment. Because ECG data is medical information, undisclosed external transmission creates a real privacy and compliance risk even if the transmission is the skill's intended function.

VirusTotal

66/66 vendors flagged this skill as clean.
