Control Yandex smart home devices (Alice) via the official IoT API

Security checks across malware telemetry and agentic risk

Overview

This smart-home skill is coherent, but it gives an agent broad ability to inspect and control real household devices without clear confirmation safeguards.

Install only if you are comfortable giving the agent a Yandex token that can view and control your smart home. Before using it, require manual confirmation for any state-changing command, group action, thermostat change, scenario launch, or request affecting many devices, and avoid sharing raw /user/info output because it can reveal household layout and device ownership.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence: 84%
Finding
The skill instructs users to enumerate `/user/info`, which reveals the full smart-home inventory including devices, rooms, groups, and scenarios, but it does not warn that this is privacy-sensitive household metadata. Exposure of this information can reveal occupancy patterns, home layout, and device ownership, increasing privacy and reconnaissance risk if logs or outputs are shared.

Missing User Warnings

Medium
Confidence: 93%
Finding
The documentation provides direct commands for changing device state, controlling groups, and triggering scenarios, but does not warn that these actions can alter the user's physical environment. In a smart-home context, unintended execution can affect lighting, HVAC, locks or other automations, causing safety, security, or operational issues.

VirusTotal

65/65 vendors flagged this skill as clean.
