ClawHub

Record screen, microphone or camera from macOS terminal

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed macOS recording helper that requires user consent, but it relies on a third-party Homebrew tap and handles sensitive microphone, screen, and camera capture.

Install only if you intentionally want a terminal-based macOS recording tool and trust the third-party Homebrew tap. Confirm each recording request, prefer short durations and window or region capture, choose output paths deliberately, and revoke microphone, camera, or screen permissions when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger description is unusually broad for a skill that can access highly sensitive sensors and capture microphone, screen, and camera data. Generic keywords like 'record', 'camera', 'photo', and 'screenshot' increase the chance of unintended invocation in unrelated contexts, which is especially dangerous because this tool enables surveillance-like actions even though the text also mentions consent requirements.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation explains how to record microphone, system, or mixed audio but does not prominently warn that these actions may capture sensitive conversations, credentials, notifications, or copyrighted/private media. In an agent skill context, omission of a privacy warning can normalize surveillance-like use and increase the chance of unintentional or unauthorized recording.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The reference documents `--audio` as recording from the default microphone but does not explicitly warn users that enabling it may capture private conversations or ambient speech unintentionally. In a camera-recording skill, this omission increases the risk of covert or accidental audio capture because users may focus on video recording behavior and overlook the privacy implications of microphone use.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal