ClawHub

jftech-open-pro-ai-smart-search

Security checks across malware telemetry and agentic risk

Overview

This skill is a sensitive but clearly documented JF Tech cloud video search and playback helper that uses user-provided credentials to call JF API endpoints.

Install only if you intend to let this skill search and retrieve playback URLs for JF Tech cloud-stored camera or alarm videos. Use credentials scoped to the specific account and device, keep JF_ENDPOINT pointed at official JF hosts, and treat returned playback URLs, device tokens, search terms, and video metadata as private because they may allow viewing or downloading sensitive footage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tp4

High
Category
MCP Tool Poisoning
Confidence
88% confidence
Finding
The skill is presented as a semantic search tool, but the documented behavior expands into playback URL retrieval, token generation, and direct access to arbitrary time-bounded streams. This broadens the capability from search to content access and stream exposure, which can enable unauthorized surveillance, over-collection, or misuse of video resources if users or downstream agents invoke functions they did not expect from the description.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill is described as semantic video search, but the script also performs cloud-playback retrieval and prints direct playback/download instructions. This expands the capability from discovery to direct access of recorded video, increasing privacy and abuse risk because a user can immediately stream or download footage once credentials are present.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The code obtains device tokens and exchanges them for direct video stream URLs, which is a sensitive access path beyond simple search results. In the context of a smart-search skill, this makes the skill materially more dangerous because anyone able to run it with valid environment credentials can access archived surveillance footage directly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal