Android IP Webcam monitoring and alert

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent IP-camera monitoring guide, but users should understand it can involve camera control and sending alert images to an AI service.

Install only if you are comfortable granting an agent access to your local IP Webcam. Enable camera authentication if available, avoid pointing it at private areas without consent, decide whether alert images may be sent to AI, and inspect any separately obtained runner scripts before using continuous monitoring.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill states that alert-triggered camera frames are sent to an AI, but it does not clearly disclose what data leaves the local device, where it is sent, how long it is retained, or whether bystanders may be captured. In a security-monitoring context, this can expose sensitive images of homes, occupants, or visitors without informed consent or adequate privacy safeguards.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal