Jf Open Pro Ai Indoor Security

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned for JF Tech indoor security, but it handles home-security credentials, household telemetry, and biometric member records with weak guardrails.

Install only if you trust the publisher and intend to let the agent operate JF Tech indoor-security APIs. Use dedicated, least-privilege credentials if possible, avoid putting secrets directly in shell history or process-visible command lines, and require explicit human confirmation before adding, updating, or deleting members, uploading face images, or changing security service state.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (9)

Context-Inappropriate Capability

High (99% confidence)

The file contains hardcoded example credentials, including an app_secret, in executable source code. Even if intended as test data, embedded secrets can be harvested from source repositories, packages, logs, or reverse engineering and then reused to forge signatures or access upstream services, which is especially sensitive in a home-security context.

Vague Triggers

Medium (82% confidence)

The trigger phrases are broad, everyday expressions related to home safety and family care, which can easily overlap with normal conversation. Over-broad triggers increase the risk of accidental invocation of a skill that can query sensitive household activity or perform configuration changes.

Missing User Warnings

Medium (90% confidence)

The document includes operations that can delete members, modify configurations, and manage face samples, but it does not clearly warn users about the privacy, biometric, and service-impact risks. In a home-security context, silent or poorly signposted destructive actions could remove trusted identities, disable protections, or alter alerting without informed consent.

Missing User Warnings

Medium (92% confidence)

The script requires sensitive values such as appkey, secret, and auth token as command-line arguments. On many systems, CLI arguments may be exposed through shell history, process listings, audit logs, or job runners, which can leak credentials and allow unauthorized access to the indoor security API and alarm data.

Missing User Warnings

Medium (96% confidence)

The script accepts sensitive values such as `secret` and `Authorization` token directly via command-line arguments, which can be exposed through shell history, process listings, job logs, or audit tooling on shared systems. In this skill's context, those credentials grant access to indoor security device APIs, so leakage could expose device state or enable unauthorized service changes.

Missing User Warnings

Medium (92% confidence)

The add/list workflow transmits highly sensitive data, including biometric face images, device identifiers, UUID/appKey values, and bearer authorization tokens to a remote API, yet the CLI provides no explicit consent prompt, warning, or guardrail before sending them. In a home indoor-security context, this is more dangerous because the data concerns household members' biometrics and identity, increasing privacy harm and the consequences of accidental or unauthorized use.

Missing User Warnings

Medium (95% confidence)

The delete action performs a remote, potentially irreversible deletion of a face sample with no confirmation prompt, dry-run, or secondary verification. In this skill context, deleting household biometric records can disrupt monitoring, remove trusted-member recognition, and cause privacy/integrity issues if the command is triggered accidentally or by an unauthorized caller using available credentials.

Missing User Warnings

Medium (92% confidence)

The script sends sensitive identifiers and credentials, including uuid, appKey, signature, and Authorization token, to a remote API and is explicitly designed to query indoor security telemetry. While transmitting such data to the vendor API is functionally necessary, the lack of disclosure, masking, or safeguards increases the risk of accidental misuse, especially in a security-monitoring skill handling household presence data. In this context, exposed credentials could enable unauthorized querying of occupancy and behavior statistics.

Missing User Warnings

Medium (97% confidence)

The CLI accepts secrets and bearer-style tokens via command-line arguments, which can be exposed through shell history, process listings, audit logs, and orchestration tooling. In a home security analytics skill, compromise of these values could grant access to sensitive indoor monitoring data or enable unauthorized API operations under the user's account. This is a well-established secret-handling weakness, not just a usability issue.

VirusTotal

65/65 vendors flagged this skill as clean.