Philips Hue Thinking Indicator

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Philips Hue light-control helper, with the main caveat that users should verify the separate hue command and protect the local Hue credential.

Before installing, verify the actual hue executable because it was not included in the reviewed files and the repository examples use placeholder names. Use a dedicated light, keep ~/.config/philips-hue/config.json private, and be aware that pulse mode may keep running until stopped.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill clearly instructs users and agents to run shell commands and install an executable (`hue`) via PATH, yet the metadata does not declare corresponding permissions or code-execution capability. This mismatch can cause the platform or user to underestimate the skill's ability to invoke local commands, increasing the risk of unexpected command execution and reducing review transparency.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The README says an AI assistant will automatically run Hue commands but does not clearly warn that this causes real-world changes to physical devices in the user's home. In a skill context, hidden or implicit physical actuation is a safety and consent issue because users may enable automation without realizing the assistant can control lights autonomously.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The README shows a stored Hue API username in a config file without warning that this value functions like a local access token for the Hue Bridge. If exposed through screenshots, backups, permissive file permissions, or repository commits, another local user or attacker could use it to control the user's lights.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation shows a persistent config file containing the Hue bridge IP and `username` API credential, but does not warn that this value is effectively a secret granting control of the local lighting system. Storing and displaying it without guidance on file permissions, redaction, or secret handling increases the chance of credential leakage through screenshots, logs, shell history, backups, or multi-user systems.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The script appends a user-specific directory to PATH in a shell initialization context, which changes command resolution for the entire session without explanation or scoping. This can cause unintended execution of binaries from that directory, and if the directory contents are modified or less trusted than system paths, it increases the risk of command hijacking.

VirusTotal

59/59 vendors flagged this skill as clean.
