ecovacs-skills-pet-control

Security checks across malware telemetry and agentic risk

Overview

This skill controls Ecovacs FAMIBOT robots, and users should treat it as a real device-control tool: it can store an access key and change persistent robot settings.

Install only if you intend to let an agent query and control a FAMIBOT device. Prefer supplying ECOVACS_AK through your environment instead of saving it, keep PET_CMD_ALLOWLIST limited to everyday commands, avoid custom gateway URLs you do not trust, and confirm the target nickname before persistent settings or motion/display actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 79%
Finding
The README explicitly states that the skill can perform persistent changes to robot settings such as microphone, volume, language, wake-related names, gender, and initialization flags, but it does not clearly warn users about permanence, side effects, or how to revert changes. In a conversational agent context, this increases the risk of unintended or socially engineered modifications because users may not understand that a casual request can alter durable device behavior.

Missing User Warnings

Low
Confidence: 86%
Finding
The skill exposes write operations that can change robot state, including camera, microphone, nickname, wake timeout, and display actions, but does not give a prominent warning that these commands affect a live physical device. That omission increases the risk of accidental privacy-impacting or disruptive actions by users or agents.

Missing User Warnings

Medium
Confidence: 89%
Finding
The reference explicitly documents a wake guard that may enable the camera and change the robot's work mode before sending display actions, but it does not clearly warn users that invoking these commands can wake the pet robot or alter device state. In a pet-control context, undocumented state-changing behavior can cause unintended activation, surprise movement, or privacy-sensitive changes, increasing the risk of unsafe or unwanted operation.

Missing User Warnings

Medium
Confidence: 95%
Finding
The script persists the Ecovacs access key to ~/.ecovacs_session.json in plaintext without setting restrictive file permissions or warning the user that a long-lived credential is being stored locally. If the host is multi-user, backed up to less-trusted locations, or otherwise compromised, the AK could be recovered and used to enumerate and control the user's robot devices via the vendor API.

VirusTotal

VirusTotal findings are pending for this skill version.