LoRa CAD air scanner

Security checks across malware telemetry and agentic risk

Overview

This is a coherent LoRa monitoring skill, but it captures raw radio packets and identifiers, stores them locally, and can forward them to Telegram, with broader RF reconnaissance guidance than most users would expect.

Install only if you are authorized to monitor the selected frequencies and are comfortable handling captured RF payloads and device identifiers. Before enabling the monitor or cron alerts, narrow the scan range, disable or redact raw hex and identifiers where possible, protect and rotate local files, and treat Telegram delivery as exporting captured data to an external service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 80%
Finding
A significant description-behavior mismatch is a real security concern because it undermines user consent and review: users may approve a simple CAD scanner while the skill also performs payload/protocol decoding, host-side monitoring, and offline RF analysis. In this RF reconnaissance context, additional decoding of identifiers such as DevEUI/DevAddr increases privacy sensitivity and expands the attack surface beyond what the top-level description suggests.

Description-Behavior Mismatch

Medium
Confidence: 85%
Finding
The document expands a LoRa CAD scanner workflow into broader RF reconnaissance by directing use of HackRF for wideband sweeping and optional demodulation to identify voice, digital, and beacon signals. That increases dual-use capability beyond the stated LoRa-focused purpose and can facilitate monitoring of unrelated radio services, even if presented as a technical workflow rather than overtly malicious guidance.

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
The line explicitly tells users to demodulate captured signals to identify whether they are voice, digital, or beacon traffic, which is not necessary for a LoRa CAD scanner's core function. In context, this materially broadens the skill into non-LoRa signal analysis and could support interception or classification of third-party communications outside the intended use case.

Missing User Warnings

Medium
Confidence: 92%
Finding
The README states that captured packet contents, decoded fields, and hex dumps are sent to Telegram, but it does not prominently warn that intercepted RF data may contain sensitive or regulated information and will be forwarded to a third-party service. In this skill context, RF reconnaissance and packet capture make the privacy and legal exposure more significant because the system is explicitly designed to monitor nearby LoRa traffic persistently.

Missing User Warnings

Medium
Confidence: 92%
Finding
The code prints captured LoRa packet payload bytes in full hexadecimal form over Serial, which can expose intercepted communications, identifiers, telemetry, or credentials to any connected host or logging pipeline. In this skill's RF reconnaissance context, that behavior is more sensitive than normal debugging because it is explicitly designed to sniff third-party traffic and forward structured reports, increasing the likelihood of unauthorized data capture and retention.

Missing User Warnings

Medium
Confidence: 93%
Finding
The formatter constructs Telegram-ready messages that include decoded identifiers such as DevEUI/DevAddr and the full raw packet hex, which can expose device identifiers, location-related telemetry, and application payload contents to anyone with access to logs, serial output, or the Telegram pipeline. In this skill's RF reconnaissance context, that behavior is more sensitive than usual because it is explicitly designed to capture nearby LoRa traffic, so indiscriminate forwarding of intercepted packet contents increases privacy, intelligence-gathering, and data leakage risk.

VirusTotal

65/65 vendors flagged this skill as clean.
