ClawHub

Shelly Sync

Security checks across malware telemetry and agentic risk

Overview

This skill is mainly for home energy monitoring, but it can control real appliances through Home Assistant with under-disclosed credentials and limited safety gating.

Review before installing. Only use this if you intend to let the skill control the specific Home Assistant entities involved, and configure the token with the narrowest possible permissions. Treat optimize_load as capable of switching appliances on immediately, especially high-load devices such as chargers, pumps, or washers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill declares environment and network-dependent behavior without explicitly declaring corresponding permissions, which weakens transparency and permission gating. In practice this can let a user or reviewer underestimate the skill's access to local devices and external services, increasing the risk of unintended data access or device control.

Tp4

High
Category
MCP Tool Poisoning
Confidence
98% confidence
Finding
The documented purpose suggests local Shelly monitoring and appliance automation, but the behavior reportedly also includes Home Assistant API control using bearer tokens and remote API interactions. This mismatch is dangerous because users may authorize or run the skill without understanding it can access another automation platform, use credentials from the environment, and perform broader device actions than advertised.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The optimize_load capability can toggle appliances based on power thresholds, but the description lacks a clear safety warning about autonomous device control. In a home automation context, undisclosed switching behavior can cause operational disruption, unexpected equipment activation, or unsafe interactions with high-load appliances.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill can automatically turn on real-world devices when surplus power is detected, without an additional confirmation step, interlock, or policy check at execution time. In a home automation context, this can cause unsafe or unwanted actuation of appliances, especially if the skill is invoked unexpectedly, misconfigured, or fed inaccurate power readings.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal