ClawHub

Elderly Toilet Time Abnormal Detection (>30 min) | 老年人如厕时间异常(超30分钟)识别

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill has a coherent elder-care monitoring goal, but its artifacts send highly sensitive bathroom-related video and identity data to external services with broad triggers, credential reuse, report-link exposure, and unrelated health or face-analysis behavior.

Install only after the publisher narrows the skill to occupancy-duration monitoring, removes unrelated pet/face/health-analysis paths, stops using api-key values as user IDs, adds explicit consent and retention/access controls for bathroom video and history reports, and fixes the dependency manifest. Treat any open-id, phone number, uploaded video, public URL, and report link as sensitive health-adjacent data.

SkillSpector (20)

By NVIDIA

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill claims privacy-preserving silhouette-based monitoring, yet it also supports querying cloud-hosted historical reports and exposing direct links tied to a user identifier. In the context of bathroom monitoring for elderly people, even metadata such as report existence, timestamps, caregiver context, and linked reports is highly sensitive and can reveal health status or daily routines.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The skill instructs reading configuration files to extract an api-key and reuse it as an open-id, effectively repurposing a secret credential as a user identifier. This is dangerous because it encourages secret harvesting from the workspace and weakens credential boundaries, potentially exposing shared API keys and enabling unauthorized access to reports or backend services.

Description-Behavior Mismatch

High
Confidence
95% confidence
Finding
The analysis method injects a petType parameter into requests even though the skill is described as elderly toilet occupancy monitoring. This mismatch strongly suggests code reuse, hidden functionality, or data routing to an unintended model/service, which can cause unsafe behavior, incorrect alerts, or unauthorized processing outside the declared purpose. In a safety-critical elder-care context, undeclared analysis behavior is especially dangerous because caregivers may rely on outputs for urgent welfare checks.

Intent-Code Divergence

High
Confidence
93% confidence
Finding
The inline comment explicitly states that the code is adding a pet-type parameter, directly contradicting the manifest's elderly bathroom monitoring purpose. That contradiction is evidence of misaligned implementation and increases the likelihood that the wrong backend model, wrong business logic, or unintended data classification path is being used. In this context, such misrouting can degrade detection accuracy and delay or suppress emergency intervention.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The documented API returns face detection and health/constitution diagnosis data that is materially unrelated to a bathroom occupancy-time alert skill, which claims to detect only human silhouettes and avoid collecting private details. In this context, expanding processing to biometric analysis and health inference creates a significant privacy and function-creep risk, especially in a bathroom-adjacent monitoring scenario involving elderly individuals.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
Performing face detection and inferring health status from submitted video is unjustified for the stated purpose of elderly toilet occupancy monitoring. Because the monitored setting is highly sensitive and the subjects are a vulnerable population, unnecessary biometric and medical-style inference materially increases privacy harm, regulatory exposure, and the risk of misuse beyond the skill’s declared function.

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The code accepts arbitrary local files or remote URLs and forwards them to a backend analysis service, then exposes generic report export and listing behavior. That is materially broader than the declared toilet-occupancy monitoring use case and increases the risk of covert data exfiltration, misuse for unrelated surveillance/analysis, or processing sensitive media without appropriate controls.

Description-Behavior Mismatch

High
Confidence
96% confidence
Finding
The historical report listing surfaces health/face-assessment-derived fields such as healthAssessment.subject, which are unrelated to simple occupancy-duration monitoring. In a bathroom/elder-care context, exposing unrelated inferred health attributes expands collection and disclosure of highly sensitive personal data and may reveal private medical or biometric inferences to unauthorized viewers.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The code accepts an arbitrary user-supplied network URL and forwards it for analysis without any allowlist, scheme restriction, or validation. In a system intended for fixed bathroom-camera monitoring, this broad input surface can enable unintended remote content fetching, analysis of unauthorized third-party video, or SSRF-like behavior depending on how skill.get_output_analysis retrieves URLs downstream.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The file implements a reusable persistence layer and a sys_user account model with CRUD operations that are materially broader than the skill's declared bathroom-occupancy alert purpose. In a privacy-sensitive elderly monitoring context, collecting and persisting user-account data outside the stated function increases data-minimization and unauthorized-retention risk, especially because create, update, and delete paths are built in by default.

Context-Inappropriate Capability

High
Confidence
95% confidence
Finding
The User model stores profile data and especially token/open_token values, which are sensitive credentials, without any visible encryption, hashing, scoping, or access-control safeguards in this module. For a narrowly scoped toilet-occupancy monitoring skill, this credential storage is difficult to justify and could enable account compromise, cross-system access, or privacy harm if the SQLite file is read or mishandled.

Description-Behavior Mismatch

High
Confidence
94% confidence
Finding
This utility performs behavior far beyond a bathroom-occupancy safety skill: it can auto-create user accounts, persist/reuse tokens, attach user identity fields to outbound requests, and inject payment-flow messaging. That mismatch increases the risk of undisclosed account provisioning, cross-skill data handling, and backend access using sensitive identifiers or credentials without clear user consent.

Context-Inappropriate Capability

Medium
Confidence
86% confidence
Finding
The code returns hardcoded recharge and skill-installation instructions when a billing condition occurs, which is unrelated to elderly toilet-time monitoring. Embedding monetization or upsell logic inside a safety-monitoring skill can mislead users, blur trust boundaries, and create opportunities for social-engineering-style prompts in a sensitive caregiving context.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The default trigger activates on essentially any uploaded bathroom-related video, which is overly broad for a workflow involving sensitive imagery and remote processing. In a high-privacy context like bathroom monitoring, broad auto-triggering increases the chance of unintended analysis, surprise data transfer, and processing of content the user did not intend to submit to this skill.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The history-report query keywords are broad and automatically trigger cloud retrieval without strong scope constraints. This can cause accidental disclosure of sensitive elderly-care monitoring records when a user asks a vaguely similar question, especially because the feature is tied to identifiers and report listings.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script collects a direct user identifier (`open-id`, which may be a username or phone number) and processes bathroom-monitoring video, but provides no explicit consent, privacy, retention, or access-control warning at the point of use. In this context, the data is highly sensitive because it concerns toileting behavior and health-related emergency inference for elderly individuals, so weak privacy signaling increases the risk of misuse, overcollection, and non-compliant deployment.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The documentation instructs users to upload videos or provide publicly accessible video URLs without any warning about the sensitivity of bathroom-related footage, retention, sharing, or consent requirements. In a system monitoring elderly bathroom occupancy, omission of privacy and handling guidance increases the chance that highly sensitive footage is exposed, overshared, or processed inappropriately.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The code reads local files into memory or accepts remote video URLs and submits them to an external analysis API without any visible disclosure, consent, or confirmation in this file. Because the skill handles bathroom-related monitoring for elderly people, silent transmission of video or derived data is especially privacy-sensitive and can violate user expectations and compliance requirements.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The CLI requires a highly sensitive identifier (OpenID/UserId/username/phone number) and stores it in a global runtime variable without any notice, minimization, or visible handling safeguards. In this elderly-care context, linking health-adjacent monitoring events to directly identifying account data raises privacy risk, especially if logs, crash traces, or downstream systems expose the value.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The request logic can automatically send user identifiers such as username/openId/mobile-equivalent fields, tenant information, skill metadata, and auth tokens to external services, including during implicit account creation. In a healthcare-adjacent elderly-care skill, this is especially sensitive because it may expose identity and service-access credentials without any visible notice, confirmation, or minimization.

Static analysis

Install untrusted source

Warn
Finding
Install source points to URL shortener or raw IP.

Dep not found on registry

Critical
Finding
1 package(s) referenced in dependency files do not exist on their public registries: yaml (pypi)

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal