Nest Devices
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Doorbell or camera images from inside or around the home could be automatically uploaded to a Telegram chat if the webhook is configured.
The webhook can move sensitive home camera/doorbell imagery from Nest to Telegram. That may be useful, but it is a high-impact external data flow and is not declared in the registry credentials/capabilities.
For doorbell events, captures a snapshot via the SDM GenerateImage API and sends it directly to Telegram for speed.
Only configure Telegram delivery if you explicitly want it; use a dedicated bot/chat, restrict credentials, and require clear opt-in before sending camera images externally.
A long-running service could continue processing Nest events and sending notifications/images after the initial setup.
The instructions create a persistent webhook exposed through a tunnel and run by systemd, so the skill can keep receiving and acting on home events outside a single user-invoked command.
Set Up Cloudflare Tunnel ... service: http://localhost:8420 ... Create Systemd Services ... /etc/systemd/system/nest-webhook.service
Treat the webhook as a persistent home-monitoring service: review the service file, tunnel hostname, logs, stop/disable procedure, and who can reach the webhook before enabling it.
A token with access to the selected 1Password vault/item can unlock Nest account control, including thermostats and camera stream generation.
The client can use a 1Password service-account token to retrieve Nest OAuth credentials. This is related to the purpose, but it is high-impact credential access and the registry metadata says there is no primary credential or required env var.
if key.startswith('OP_TOKEN_') or key == 'OP_SERVICE_ACCOUNT_TOKEN': ... [op_path, 'item', 'get', item, '--vault', vault, '--format', 'json']Use a dedicated least-privilege 1Password item and token, avoid broad vault access, and ensure the skill metadata/setup clearly lists all required credential environment variables.
You rely on the current remote download at setup time for a binary that may become part of a persistent service.
The setup downloads the latest Cloudflare tunnel binary directly and makes it executable. This is user-directed and related to webhook setup, but it is unpinned and has no checksum verification in the artifact.
curl -L -o ~/.local/bin/cloudflared https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 chmod +x ~/.local/bin/cloudflared
Prefer an official package manager or pin and verify the binary version/checksum before running it.
If invoked with valid credentials, the skill can change home temperature settings or create camera streams.
The core client can send commands to Nest devices, including thermostat changes and camera stream generation. This is expected for the skill, but it affects physical devices and private camera access.
def execute_command(self, device_id, command, params=None): ... return self._request('POST', f'/devices/{device_id}:executeCommand', json=body)Require explicit user confirmation for device-changing actions and limit device IDs/commands to the requested task.