ClawHub

H-ear

Security checks across malware telemetry and agentic risk

Overview

This skill mostly fits an audio-classification service, but it includes an under-disclosed live RTSP capture command that runs ffmpeg and can submit captured audio to H-ear.

Install only if you are comfortable giving this skill H-ear credentials and sending selected audio, audio URLs, job metadata, and webhook callback data to the H-ear service. Treat `capture`/`listen` as a high-risk feature: it can capture from an RTSP/source URL using ffmpeg and submit the result for classification, even though that capability is not listed in SKILL.md. Require explicit user approval for live capture and webhook create/update/delete, use least-privileged credentials, and avoid private or regulated audio unless you have reviewed H-ear’s data handling terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tp4

High
Category
MCP Tool Poisoning
Confidence
86% confidence
Finding
The public description frames the skill as passive sound interpretation, but the documented behavior includes webhook management, historical job/audio retrieval, report download, and external callback routing. That mismatch can cause users or agents to invoke actions that transmit or expose sensitive audio-derived data without fully understanding the operational scope.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill states that asynchronous classification and alerts use webhook callbacks routed through the gateway, but it does not prominently warn that job results and possibly sensitive audio-derived metadata are transmitted to external infrastructure. In an audio intelligence context, this is especially risky because environmental audio and derived events may contain private or regulated information.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal