Govee Lights Control

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it controls Govee lights through the Govee API, with no evidence of hidden data collection or persistence.

Install only if you are comfortable giving the agent a Govee API key that can control devices linked to that account. Use exact device names or run the list command first, keep the API key private and revocable, and consider installing Python dependencies in a virtual environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Tainted flow: 'HEADERS' from os.environ.get (line 19, credential/environment) → requests.get (network output)

Severity: Critical
Category: Data Flow
Content:
def get_devices():
    """Fetch all devices linked to your Govee account."""
    response = requests.get(f"{BASE_URL}/user/devices", headers=HEADERS)
    response.raise_for_status()
    data = response.json()
    if data.get("code") == 200:
Confidence: 90%
Finding: response = requests.get(f"{BASE_URL}/user/devices", headers=HEADERS)

Tainted flow: 'HEADERS' from os.environ.get (line 19, credential/environment) → requests.post (network output)

Severity: Critical
Category: Data Flow
Content:
            "capability": capability
        }
    }
    response = requests.post(
        f"{BASE_URL}/device/control",
        headers=HEADERS,
        json=payload
Confidence: 90%
Finding: response = requests.post( f"{BASE_URL}/device/control", headers=HEADERS, json=payload )

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding: This code sends remote control requests to Govee devices that change physical device state, but there is no confirmation prompt or advance warning before the action is issued. Success is printed afterwards, yet the user is not explicitly warned before the irreversible state change occurs; this is the kind of safety-relevant operation this rule covers for code files.

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:
            "capability": capability
        }
    }
    response = requests.post(
        f"{BASE_URL}/device/control",
        headers=HEADERS,
        json=payload
Confidence: 80%
Finding: requests.post( f"{BASE_URL}/device/control", headers=HEADERS, json=

Env Variable Harvesting

Severity: High
Category: Data Exfiltration
Content:
import requests

# Get API key from environment variable
API_KEY = os.environ.get("GOVEE_API_KEY")
if not API_KEY:
    raise ValueError("GOVEE_API_KEY environment variable not set. "
                     "Get your key from https://developer.govee.com/")
Confidence: 70%
Finding: os.environ.get("GOVEE_API_KEY

VirusTotal

66/66 vendors flagged this skill as clean.
