ClawHub

Living-Alone Sleep Rhythm Anomaly Analysis | 独居者作息规律异常分析

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform the advertised monitoring task, but it handles very sensitive in-home night video and personal identifiers through remote services with insufficient consent, scoping, and retention controls.

Install only after confirming the monitored person or guardian has given informed consent. Use a pseudonymous open-id instead of a phone number where possible, avoid public video URLs, and ask the publisher for exact retention, deletion, access-control, and encryption practices for uploaded videos, derived reports, identifiers, and stored tokens.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Dynamic attribute access via getattr()

Low
Category
Dangerous Code Execution
Content
if filters:
                for key, value in filters.items():
                    query = query.filter(getattr(self.__model__, key) == value)

            if offset:
                query = query.offset(offset)
Confidence
79% confidence
Finding
query = query.filter(getattr(self.__model__, key) == value)

Dynamic attribute access via getattr()

Low
Category
Dangerous Code Execution
Content
if filters:
                for key, value in filters.items():
                    query = query.filter(getattr(self.__model__, key) == value)

            return query.scalar()
        finally:
Confidence
79% confidence
Finding
query = query.filter(getattr(self.__model__, key) == value)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The default trigger is broad enough to activate on essentially any uploaded night video from a bedroom or living room, increasing the chance of unintended processing of intimate surveillance footage. In this context, accidental invocation is more dangerous because the data is exceptionally sensitive and may be transmitted to external services without a narrowly scoped user request.

Missing User Warnings

High
Confidence
94% confidence
Finding
The skill processes highly sensitive bedroom/living-room night video and related health-adjacent inferences, yet the description does not prominently warn users about the sensitivity of this data or the possibility of remote transmission/storage. Without clear upfront notice, users may unknowingly expose intimate household footage and personal identifiers, creating serious privacy and compliance risk.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script requires an --open-id parameter and explicitly allows values such as OpenID, username, or phone number, which are sensitive identifiers, but it provides no user-facing privacy notice, consent flow, retention statement, or masking. In this skill's context, the identifier is linked to highly sensitive in-home night video and inferred health/sleep anomalies, which increases privacy and misuse risk if logs, terminals, or downstream systems expose the identifier.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The tool accepts a remote video URL via --url and then passes it for analysis without any disclosure that video content may be fetched over the network or processed by a backend service. In this skill, the content is indoor overnight bedroom/living-room footage tied to health-related anomaly detection, so undisclosed transmission of such intimate footage materially raises privacy and compliance risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The API documentation instructs clients to upload video files or provide publicly accessible video URLs to a remote server, but it provides no privacy notice, consent requirements, retention limits, encryption guarantees, or restrictions on handling sensitive footage. In the context of a bedroom/living-room monitoring skill for people living alone, this creates a significant privacy and compliance risk because highly sensitive in-home surveillance data may be transmitted or exposed without adequate safeguards or user awareness.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This code accepts either a local video path or an arbitrary remote URL, then uploads file contents or forwards the URL to the backend analysis service without any visible consent prompt, destination disclosure, or trust restriction. In this skill’s context, the inputs are night-time in-home surveillance videos of a person living alone, which are highly sensitive personal data; silent transfer of such data materially increases privacy and data-exfiltration risk.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The request helper automatically attaches sensitive identifiers and credentials such as pnaUserName, X-Access-Token, X-Api-Key, Authorization, tenant metadata, and skill platform fields to outbound requests, and it can also auto-register or log in a user via /sys/phoneLogin using a username/mobile value. In the context of a monitoring skill for people living alone, this creates meaningful privacy and security risk because personal identity, account tokens, and potentially tenant-scoped data may be transmitted to remote services without any explicit consent check, minimization, or user-facing disclosure at the point of transfer.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal