ClawHub

Jf Open Pro Ai Elderly Care

Security checks across malware telemetry and agentic risk

Overview

This elderly-care monitoring skill is mostly purpose-aligned, but it handles sensitive vulnerable-person data and can change monitoring settings without enough privacy, consent, or credential-safety guardrails.

Install only if you are authorized to monitor the device and the person being monitored has appropriate notice or consent. Treat the JF app secret, authorization token, device serial number, and user IDs as sensitive credentials; prefer protected environment variables or a secret manager over command-line arguments. Confirm any action that disables monitoring or changes abnormal-behavior thresholds, and avoid using this skill in shared systems where command history or process lists may be visible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger phrases are broad everyday expressions such as '老人看护', '跌倒告警', and '远程看护', which can cause accidental activation in normal conversation. In a monitoring skill tied to device state changes and sensitive health/alert queries, unintended invocation may expose private data or alter service settings without clear user intent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill processes highly sensitive monitoring data about elderly individuals, including fall alarms, abnormal behavior, routines, diet, and media URLs, but the document provides no user-facing privacy warning, consent expectations, retention guidance, or data-sharing notice. In this context, missing privacy disclosures materially increase the risk of unauthorized monitoring, surprise access to intimate behavioral data, and noncompliant handling of health-adjacent information.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation instructs users to configure multiple sensitive credentials, including app secrets and authorization tokens, but does not warn against logging, sharing, committing, or overexposing them. Because these credentials can authenticate to device-monitoring APIs, leakage could allow unauthorized access to elderly-care telemetry, alerts, or service controls across accounts/devices.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
Accepting `--secret` and `--auth` on the command line exposes sensitive credentials through shell history, process listings, audit logs, and job runners. In this elderly-care context, stolen API credentials could let an attacker query device state or modify abnormal-behavior alert settings, weakening monitoring for vulnerable users.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script requires sensitive values such as appKey, secret, and authorization token to be supplied on the command line. Command-line arguments are commonly exposed to other local users via process listings, shell history, job control logs, and audit tooling, which can leak credentials without the operator realizing it.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal