ClawHub

Screen Vision

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it needs Review because it can auto-install remote tools and then read and click on the user's screen.

Install only if you trust the publisher and are comfortable with a terminal tool that can read visible screen text and click UI elements. Review and run setup manually, prefer app or region filters instead of full-screen OCR, and manually approve any tap action that could submit, buy, delete, or change data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill declares only Bash and Read as allowed tools and includes shell-based installation/execution behavior, but it does not clearly declare permissions or present this as a sensitive capability. Because the skill can install software and drive screen interaction from the terminal, under-declared shell capability increases the risk of users invoking privileged or privacy-impacting actions without informed consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs automatic setup that may install `screen-vision` and `cliclick`, then exposes OCR and click automation over the user's screen, but it does not clearly warn users about the installation side effects, screen-capture privacy implications, or automation risk. In this context, silent installation plus screen-reading and click execution is especially sensitive because it can expose on-screen secrets and trigger unintended actions in other applications.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal