ClawHub

PiKVM

Security checks across malware telemetry and agentic risk

Overview

This skill transparently controls a user-configured PiKVM device, including powerful remote-control actions, but those capabilities are disclosed and aligned with its purpose.

Install only if you want an agent to operate a specific PiKVM-controlled machine. Keep SSL verification enabled when possible, use the least-privileged PiKVM account available, avoid putting passwords on command lines, and approve power, reset, HID typing, virtual-media, and switch-port actions only when they match your intent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill clearly requires environment variables containing PiKVM credentials and performs authenticated HTTP operations against a remote device, but it does not declare explicit permissions despite using env and network capabilities. This weakens policy enforcement and review visibility, making it easier for a high-impact remote-control skill to access secrets and external systems without clear permission gating.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation explicitly instructs users to place PiKVM credentials in request headers, basic auth, and even append the current 2FA code directly to the password string, but provides no warning about secret handling, redaction, logging, or secure transport. In an agent skill context, this is risky because agents and toolchains often log request parameters, headers, or error traces, which can expose long-lived credentials and time-sensitive OTP values.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal