AI医学报告解读助手 (AI Medical Report Interpretation Assistant)

Security checks across malware telemetry and agentic risk

Overview

This instruction-only medical report helper handles sensitive health data and optional social posting, but those capabilities are disclosed and aligned with its stated purpose.

Install only if you are comfortable using third-party tools to process medical-report content. Redact names, IDs, hospital numbers, and other personal details before use, treat outputs as informational rather than medical advice, and do not publish anything to WeChat or Xiaohongshu until you have reviewed and intentionally approved a sanitized version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium, 85% confidence

Finding:
The manifest and workflow present inconsistent capabilities: the description emphasizes report interpretation and visualization, while the workflow also includes publication to public social platforms. In a medical context, this hidden or under-emphasized data flow is dangerous because sensitive health information or derived medical content could be published without users clearly understanding that dissemination is part of the skill's behavior.

Missing User Warnings

Medium, 95% confidence

Finding:
The README describes sending uploaded medical PDF contents to multiple skills and external services, including literature search and optional publishing, but does not clearly warn that the data may contain highly sensitive personal health information or require minimization/anonymization before transfer. In a medical-report workflow, this omission is especially dangerous because users may unknowingly expose protected health data to third parties, creating privacy, compliance, and reputational risk.

Missing User Warnings

High, 97% confidence

Finding:
This skill processes medical reports and explicitly routes content through external tools for PDF extraction, literature search, card rendering, and optional publishing, but it does not disclose or constrain how sensitive health data may be transmitted or exposed. Because medical information is highly sensitive, missing privacy warnings and data-minimization controls can lead to unauthorized disclosure, secondary use of PHI/PII, or accidental public publication.

Vague Triggers

Medium, 78% confidence

Finding:
The skill description is overly broad and does not define when the medical-report workflow should or should not be triggered, which can cause the agent to apply medical interpretation in inappropriate contexts. In a healthcare setting, ambiguous triggering increases the risk of processing unrelated sensitive documents, giving unqualified medical-style guidance, or publishing content derived from user health data without clear user intent.

VirusTotal

66/66 vendors flagged this skill as clean.