linux-camera

Security checks across malware telemetry and agentic risk

Overview

This is a real Linux camera skill, but its streaming mode can expose live camera video on the network without authentication.

Install only if you intentionally want camera capture and streaming from this machine. Treat the stream server as private-video exposure: use it only on trusted networks, firewall the port, avoid public or shared hosts, prefer localhost binding if you modify it, and avoid putting RTSP credentials in command lines or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium (90% confidence)

Finding: The trigger list includes broad everyday terms like 'camera', 'photo', 'picture', 'video', 'record', and 'stream', which are likely to match benign conversational requests. In a skill that can capture images/video and expose live feeds, accidental invocation can result in unintended surveillance, recording, or network streaming without sufficiently specific user intent.

Missing User Warnings

Medium (96% confidence)

Finding: The documentation advertises live camera streaming endpoints over HTTP and RTSP, including examples binding to a device IP, but does not warn that this may expose a real-time camera feed to other hosts on the network. In the context of a camera skill, missing a clear exposure warning is dangerous because users may unintentionally publish sensitive video from webcams or IP cameras without authentication, access controls, or network scoping.

Missing User Warnings

Medium (87% confidence)

Finding: The script captures an image from an attached camera and passes -y to ffmpeg, which silently overwrites an existing file, but it provides no explicit privacy warning or overwrite confirmation. In an agent/skill context, this can lead to unexpected collection of sensitive images and accidental destruction of prior files in /tmp or a user-specified path.

Missing User Warnings

Medium (98% confidence)

Finding: The server binds to 0.0.0.0 and exposes live camera feeds, snapshots, status, HLS, and optional RTSP restreaming without authentication, access control, or an explicit privacy warning. In the context of a camera skill, this is especially dangerous because it can unintentionally expose real-time video from a local webcam or IP camera to anyone on the reachable network.

VirusTotal

66/66 vendors flagged this skill as clean.