Med-LLM-Wiki

Security checks across malware telemetry and agentic risk

Overview

This medical wiki skill is not malicious, but it persistently stores and indexes sensitive patient details without clear privacy, consent, retention, or deletion safeguards.

Install only for authorized medical-data workflows in a controlled private workspace. Prefer synthetic or de-identified cases, restrict access to the wiki files, define retention and deletion rules, and review generated pages before reuse or sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

High
Confidence: 97%
Finding
The skill explicitly instructs the agent to create and update multiple on-disk wiki files containing patient-specific medical history, identifiers, lab values, and consultation details, but provides no consent check, warning, minimization rule, or storage protection guidance. In a medical context, this creates a real privacy and compliance risk because highly sensitive health data is being systematically persisted and indexed for later retrieval.

Ssd 3

Medium
Confidence: 95%
Finding
The skill requires preserving, indexing, cross-linking, and later quoting detailed patient-specific clinical data, including baseline values, conditions, and consultation content, which materially increases the chance of sensitive data exposure through natural-language retrieval, logs, and derived pages. The danger is amplified because the skill is specifically designed for longitudinal organization and easy lookup of patient facts, making unauthorized disclosure or oversharing more likely.

VirusTotal

66/66 vendors flagged this skill as clean.