Back to skill

Security audit

Mijia

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it lets an agent control a configured Xiaomi Mijia lamp, with no evidence of hidden data theft, persistence, or unrelated behavior.

Install only if you want your agent to control the configured Mijia device. Verify that MIJIA_LAMP_DID points to the intended device, review the Xiaomi QR login flow, and consider requiring confirmation before power, brightness, mode, or smart-plug actions, especially in shared spaces or if you extend the skill beyond lamps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill instructs use of environment variables and execution of local commands, but the manifest does not declare any corresponding permissions or capability expectations. This creates a transparency and trust problem: users and calling agents may not realize the skill accesses sensitive local configuration and can trigger real-world device actions.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README encourages natural-language control of physical smart-home devices but does not warn users that agent-issued commands can directly change real-world device state. In an AI-agent context, ambiguous prompts, prompt injection, or accidental invocation could cause unintended power, brightness, or mode changes to physical devices, which is more dangerous than a purely digital action.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The skill directs users to authenticate with a Xiaomi account and store a device identifier in an environment variable without any guidance on protecting account credentials, QR login sessions, or device IDs. While a device ID is not usually secret by itself, combined with account access and automation context it can expose household device inventory and enable unintended control if mishandled.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.