ClawHub

Farmos Observations

Security checks across malware telemetry and agentic risk

Overview

This FarmOS skill appears purpose-built for farm observations, but it needs review because it can use manager-level authentication to create records, upload photos, and send urgent alerts through a hard-coded internal backend.

Install only if you trust the FarmOS backend and the local auth helper. Before use, confirm the token is least-privileged, the internal HTTP endpoint is intended for your environment, and the agent will show details and ask before creating records, uploading photos, creating downstream work, or alerting operators.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger phrases are broad enough to match ordinary conversational language such as 'something is wrong' or 'beans look rough,' which can cause the skill to activate in situations where the user did not intend to log or query observations. In this skill, unintended invocation is more concerning because activation can lead to follow-up prompts, context extraction from channel conversations, and potential creation of backend records involving operational farm data.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs the agent to extract details from crew reports and upload observations and photos to backend services, but it does not require a clear user-facing disclosure that potentially sensitive operational data and images will be transmitted and stored. This is risky because field conditions, equipment issues, and geolocated photos may expose proprietary farm operations or personal data, especially when the skill proactively offers to log information from channel conversations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal