jf-open-pro-livestream

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to be a legitimate camera livestream helper, but it can return sensitive live video URLs using stored credentials, and it neither warns users about that nor gates the access behind confirmation.

Review this skill before installing it in any environment with real cameras. Use only least-privilege JF credentials, keep tokens and returned livestream URLs out of logs and chat transcripts, avoid long URL expirations, and require explicit user confirmation before it runs. Do not use the test-url action unless you trust both the configured endpoint and the upstream API response, because that action makes the host issue an outbound request to whatever URL the API returns.

SkillSpector (4 findings)

By NVIDIA

Context-Inappropriate Capability

Severity: Low
Confidence: 87%
Finding
The test-url action performs a server-side HEAD request to whatever livestream URL the upstream API returns, which is an SSRF-style primitive if that API, the endpoint configuration, or the response is compromised. In this skill's context the feature goes beyond simple URL generation: it causes the host running the skill to make secondary outbound requests to destinations the skill itself does not control.
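As an added example (not the skill's own code), the following Python check is the kind of gate a host could apply before test-url issues its HEAD request: accept only https URLs whose host is on an operator-configured allowlist, reject IP literals in private, loopback and link-local ranges (the cloud metadata address among them), and redact token-like query parameters before a URL reaches a log or transcript. The allowlisted host names and the sample URLs are constructed for the example; the real livestream hosts are not stated on this page.

```python
import ipaddress
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Hypothetical operator-configured allowlist. The real livestream hosts are
# not stated on this page, so these names are constructed for the example.
ALLOWED_HOSTS = {"stream.example.com", "media.example.com"}

# Query parameters treated as secrets when a URL is written to a log or transcript.
SENSITIVE_PARAMS = {"token", "access_token", "sig", "signature", "key", "secret"}


def is_private_literal(host: str) -> bool:
    """True if host is an IP literal in a loopback, private, link-local,
    reserved, multicast or unspecified range (169.254.169.254 included)."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a DNS name, not an IP literal
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def check_livestream_url(url: str, allowed_hosts=ALLOWED_HOSTS):
    """Return (ok, reason). Only https URLs on the allowlist, on port 443,
    without userinfo and without a private IP literal are accepted."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False, "scheme must be https"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if is_private_literal(host):
        return False, "private, loopback or link-local address"
    if host.lower() not in allowed_hosts:
        return False, f"host {host} not allowlisted"
    try:
        port = parts.port
    except ValueError:
        return False, "malformed port"
    if port not in (None, 443):
        return False, "unexpected port"
    return True, "ok"


def redact_url(url: str, sensitive=SENSITIVE_PARAMS) -> str:
    """Replace the values of token-like query parameters so the URL can be logged."""
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k.lower() in sensitive else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit((parts.scheme, parts.netloc, parts.path,
                       urlencode(query), parts.fragment))


if __name__ == "__main__":
    # Constructed sample URLs, as an upstream API might return them.
    samples = [
        "https://stream.example.com/live/cam01.m3u8?token=s3cr3t&expires=300",
        "http://stream.example.com/live/cam01.m3u8",
        "https://169.254.169.254/latest/meta-data/",
        "https://user:pw@stream.example.com/live",
        "https://attacker.example.net/collect",
    ]
    for u in samples:
        ok, why = check_livestream_url(u)
        print("ALLOW" if ok else "BLOCK", redact_url(u), "-", why)
```

A host-name allowlist does not by itself defeat DNS rebinding or a redirect from an allowlisted host to an internal address, so the HEAD request behind test-url should also be made with redirects disabled and a short timeout; the redaction helper is what should be applied to any URL before it is echoed back into a chat transcript.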

Vague Triggers

Severity: Medium
Confidence: 85%
Finding
The trigger phrases, such as '获取直播地址' (get livestream URL), '直播预览' (livestream preview), and '实时播放' (real-time playback), are broad and overlap with ordinary user requests. This can cause accidental activation in unrelated contexts, which matters here because the skill can use stored credentials and device tokens to fetch sensitive livestream URLs.

Vague Triggers

Severity: Medium
Confidence: 83%
Finding
The activation guidance repeats the generic trigger wording without specifying scope, authorization expectations, or device-selection boundaries. For a skill that exposes real-time camera feeds, vague activation conditions raise the chance of unintended invocation and of disclosing monitoring stream URLs.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The documentation instructs users to configure sensitive credentials, including app secrets, device tokens, and optional device passwords, and the skill can produce direct livestream URLs, yet it gives no user-facing warning about the sensitivity of these values or the privacy implications of exposing camera streams. If mishandled, these secrets or URLs could enable unauthorized access to device video feeds or to broader account and device operations.

Static analysis

Env credential access

Severity: Critical
Finding
Python code in the skill POSTs credential values read from environment variables to a URL that is itself taken from an environment variable, so whoever controls the environment also controls where those credentials are sent.
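The finding above is the kind of pattern a small AST walk can surface. The following is an added example, not the scanner's or the skill's code: it parses a constructed Python snippet that resembles the reported pattern, records which variables are bound from os.environ or os.getenv (with one level of propagation through assignments), and flags any requests.post/put/patch call whose URL and body both trace back to environment variables, listing the credential-looking environment keys separately. The sample source, its variable and environment names, and the credential regex are assumptions made for illustration.

```python
import ast
import re

# Environment variable names treated as credentials (assumed pattern).
CRED_RE = re.compile(r"SECRET|TOKEN|PASSW|API_?KEY|APP_?KEY", re.I)

# Constructed sample resembling the reported pattern. It is not the skill's
# real code; the variable and environment names are assumptions.
SAMPLE_SOURCE = '''
import os, requests

API_URL = os.environ.get("JF_API_URL")
APP_SECRET = os.environ["JF_APP_SECRET"]
DEVICE_TOKEN = os.getenv("JF_DEVICE_TOKEN")
REGION = os.getenv("JF_REGION", "cn")

def fetch_livestream(serial):
    payload = {"appSecret": APP_SECRET, "deviceToken": DEVICE_TOKEN, "sn": serial}
    return requests.post(API_URL, json=payload, timeout=10).json()
'''


def _env_key(node):
    """Environment variable name read directly by node, or None.
    Recognises os.environ["X"], os.environ.get("X", ...) and os.getenv("X", ...)."""
    if isinstance(node, ast.Subscript) and isinstance(node.value, ast.Attribute) \
            and node.value.attr == "environ":
        sl = node.slice
        if type(sl).__name__ == "Index":  # Python < 3.9 wraps the slice
            sl = sl.value
        if isinstance(sl, ast.Constant):
            return str(sl.value)
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
        f = node.func
        is_get = (f.attr == "get" and isinstance(f.value, ast.Attribute)
                  and f.value.attr == "environ")
        if (is_get or f.attr == "getenv") and node.args \
                and isinstance(node.args[0], ast.Constant):
            return str(node.args[0].value)
    return None


def _env_keys_of(node, env_vars):
    """Set of environment keys that flow into node, either read directly or
    through variables already recorded in env_vars."""
    key = _env_key(node)
    if key:
        return {key}
    names = {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}
    return set().union(*(env_vars.get(n, set()) for n in names))


def find_env_exfil(source):
    """Flag requests.post/put/patch calls whose URL and body both derive from
    environment variables; report the credential-looking keys in the body."""
    tree = ast.parse(source)
    env_vars = {}  # python variable name -> set of environment keys
    assigns = sorted((n for n in ast.walk(tree) if isinstance(n, ast.Assign)),
                     key=lambda n: n.lineno)
    for a in assigns:
        if len(a.targets) == 1 and isinstance(a.targets[0], ast.Name):
            keys = _env_keys_of(a.value, env_vars)
            if keys:
                env_vars[a.targets[0].id] = keys

    findings = []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in ("post", "put", "patch")):
            continue
        url_arg = node.args[0] if node.args else next(
            (k.value for k in node.keywords if k.arg == "url"), None)
        if url_arg is None:
            continue
        url_env = _env_keys_of(url_arg, env_vars)
        body_env = set()
        for kw in node.keywords:
            if kw.arg in ("json", "data"):
                body_env |= _env_keys_of(kw.value, env_vars)
        creds = sorted(k for k in body_env if CRED_RE.search(k))
        if url_env and creds:
            findings.append({"line": node.lineno, "url_from": sorted(url_env),
                             "credentials": creds})
    return findings


if __name__ == "__main__":
    for f in find_env_exfil(SAMPLE_SOURCE):
        print(f"line {f['line']}: POST to URL from {f['url_from']} "
              f"sends credentials {f['credentials']}")
```

The check deliberately requires both conditions, an environment-derived URL and environment-derived credentials in the body, because credentials posted to a hard-coded vendor endpoint are the skill's normal operation; it is the operator-controlled destination that turns the same call into an exfiltration path.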

VirusTotal

VirusTotal findings are pending for this skill version.
