Skill v2.0.8

ClawScan security

reCamera Intellisense · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 11:30 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and runtime instructions match its stated purpose (remote and local control of reCamera devices); the main concerns are a small metadata inconsistency and the fact that long‑lived device tokens are stored on disk in plaintext — which is expected but deserves user caution.
Guidance
This skill appears to do exactly what it claims: control reCamera Pro devices via a bundled Python SDK. Before installing:

1) Review and back up any existing ~/.recamera/devices.json and ensure its permissions are restricted (chmod 600).
2) Only register devices you control — tokens are long‑lived bearer credentials.
3) If you run an MCP server or any service that shares ~/.recamera/devices.json, understand that those services will have the same tokens.
4) If you need greater assurance, review the bundled Python files (they are included) before using the skill to confirm no unexpected endpoints or behaviors.
5) Note the registry metadata omission of the config path — consider asking the skill publisher to correct the package metadata so automated governance systems account for the config file.

Review Dimensions

Purpose & Capability
note · The name/description (reCamera device management, detection, captures, GPIO, etc.) line up with the bundled Python SDK and the commands it exposes. One inconsistency: the top-level registry metadata you provided listed no required config paths, but SKILL.md metadata and the SDK both use a credential store at ~/.recamera/devices.json — so the skill will read/write that file. That config path is coherent with the skill's purpose, but the registry metadata omission is a packaging inconsistency.
Instruction Scope
ok · SKILL.md instructs the agent to run the bundled stdlib-only Python SDK and to call specific commands; the runtime instructions limit actions to device registration, HTTP/Unix-socket API calls to user-registered devices, file/capture operations, and GPIO. The SDK validates absolute paths and enforces same-origin redirects for bearer tokens. There are no instructions to read unrelated host files or to exfiltrate arbitrary data.
Install Mechanism
ok · There is no install step (instruction-only runtime). The package includes an embedded stdlib-only Python SDK (no pip/npm downloads or external installers). That is low-risk — code runs in-process from the skill bundle rather than fetching remote code at install time.
Credentials
note · The skill does not request environment variables or unrelated credentials, which is appropriate. It does persist long-lived bearer tokens (format sk_...) into ~/.recamera/devices.json (stored in plaintext, auto-created with an intended chmod 600). Persisting long-lived device tokens is necessary for operation, but it is sensitive: users should ensure the file permissions, avoid committing it to VCS, and understand these tokens grant remote control of devices.
Persistence & Privilege
note · The skill is not force-enabled (always=false) and does not request elevated system privileges. It will create and modify ~/.recamera/devices.json and may connect to a local daemon socket (/dev/shm/rcisd.sock) if present — both are reasonable for a device-management skill. Note that SKILL.md explicitly says the config file is shared with the MCP server if installed; that sharing is an intentional design choice and increases the blast radius of leaked tokens.