jf-open-pro-capture

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill does what it claims, but it handles camera credentials and surveillance images with overly broad endpoint and download controls that users should review before installing.

Review and restrict this skill before use: pin JF_ENDPOINT to trusted JFTech regional hosts, avoid putting passwords directly on the command line, store downloaded captures in a protected directory, delete captures when no longer needed, and rotate tokens or app secrets if they may have been exposed.

Publisher note

jf-open-pro-capture

SkillSpector (5)

By NVIDIA

Tainted flow: 'url' from os.getenv (line 92, credential/environment) → requests.post (network output)

Severity: Critical
Category: Data Flow
Content:
        "accessToken": access_token
    }

    response = requests.post(url, headers=headers, json=body, timeout=30)
    result = response.json()

    if result.get("code") != 2000:
Confidence: 91%
Finding: response = requests.post(url, headers=headers, json=body, timeout=30)

Tainted flow: 'url' from os.getenv (line 92, credential/environment) → requests.post (network output)

Severity: Critical
Category: Data Flow
Content:
        }
    }

    response = requests.post(url, headers=headers, json=body, timeout=30)
    result = response.json()

    if result.get("code") != 2000:
Confidence: 91%
Finding: response = requests.post(url, headers=headers, json=body, timeout=30)

Tainted flow: 'image_url' from requests.post (line 273, network input) → requests.get (network output)

Severity: Medium
Category: Data Flow
Content:
        Whether successful
    """
    try:
        resp = requests.get(image_url, timeout=30)
        if resp.status_code == 200:
            with open(output_path, 'wb') as f:
                f.write(resp.content)
Confidence: 87%
Finding: resp = requests.get(image_url, timeout=30)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 96%
Finding: The skill documentation describes use of environment variables, local file input/output, and outbound network access, but the skill does not declare corresponding permissions. That mismatch weakens review and consent controls because users and platforms cannot accurately assess that the skill reads secrets, accesses device data, and may download surveillance images to local storage.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill includes examples for downloading captured images locally and passing device passwords/tokens, but does not prominently warn that the downloaded content may be sensitive surveillance imagery and that credentials/tokens require careful handling. This increases the risk of accidental local exposure through shell history, insecure file permissions, shared directories, backups, or operator misunderstanding.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.
