ClawHub

ESP-IDF Helper

Security checks across malware telemetry and agentic risk

Overview

This ESP-IDF helper is mostly purpose-aligned, but it deserves Review because its helper scripts can run high-impact Windows or flashing commands with insufficient input validation.

Install only if you need ESP-IDF hardware workflows and are comfortable with scripts that can flash devices and manage USB attachment from WSL. Use trusted ESP-IDF installs and project build directories, prefer --list and --dry-run before attachment, specify exact ports/devices, and review generated flash packages before running or distributing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The help text states that unknown commands passed to idf.py may be executed as build system targets. In an agent skill, this increases the chance that unvalidated or user-influenced input is forwarded into a command that triggers unintended build actions, especially if the agent treats arbitrary tokens as safe subcommands.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script conditionally sources and executes "$ESPIDF_ROOT/export.sh" from the IDF_PATH environment variable inside a shell. Because IDF_PATH is environment-controlled and not validated, an attacker who can influence the environment can cause arbitrary shell commands in a malicious export.sh to run when this helper is invoked. In a developer-tooling skill, this is especially relevant because users may run the script locally with inherited environment state and trust the helper to perform only setup tasks.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal