ClawHub

TG Cam Test

Security checks across malware telemetry and agentic risk

Overview

This camera skill is coherent and disclosed, but it should be installed only by users who trust the camera service and are comfortable storing its API credentials locally.

Install only if you trust the TG Cam/webcamapp.cc service and the publisher. Prefer configuring credentials through OpenClaw’s normal secure environment or secret settings instead of pasting keys in chat; rotate the API key if exposed. Be aware that snapshot requests can capture private scenes and may consume service storage or traffic.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill is framed as a passive camera-query tool but explicitly includes triggering a fresh snapshot, which is an active side effect on a surveillance device. That mismatch can cause users or upstream orchestrators to invoke device actions without clear consent expectations, creating privacy and authorization risk even if the feature is intended.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger examples are broad conversational phrases that could match normal discussion and cause the skill to activate unexpectedly. In a camera skill, accidental activation is more sensitive than in low-risk domains because it may reveal device inventory, event history, or capture a new image.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill allows snapshot capture but does not require a pre-action warning or consent prompt before taking a new image. Because this is a surveillance context, silently triggering a capture can violate user expectations and privacy, especially when the skill otherwise appears read-oriented.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill instructs the agent to take credentials provided in chat and persist them into openclaw.json, but it does not discuss secure storage, scope limitation, masking, or cleanup. Persisting API keys from conversation into local config increases the chance of credential leakage through logs, filesystem exposure, backups, or later unintended reuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal