Rdk X5 Media

Security checks across malware telemetry and agentic risk

Overview

This appears to be a hardware demo helper with some sensitive camera and credential examples that need care, but no evidence of hidden or malicious behavior.

Install only if you are using an RDK X5 board for its preinstalled camera, AI, RTSP, or preview demos. Do not paste real camera passwords into commands that may be saved in shell history or logs, run preview servers only on trusted networks, and stop camera/web services when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The skill documentation expands into AI inference and browser-served result viewing even though the manifest says the skill should not be used for AI algorithm tasks. This scope drift is dangerous because it can cause an agent to invoke this skill in a higher-risk context than intended, potentially exposing additional services and behavior that were not declared or security-reviewed as part of the media-only scope.

Description-Behavior Mismatch

Low
Confidence: 83%
Finding
The WebSocket preview/server setup introduces a network-exposed viewing component that is not declared in the manifest description. Undeclared network services increase risk because operators and orchestrators may not realize the skill opens or depends on browser-accessible functionality, leading to incomplete review and mis-scoped use.

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The section heading explicitly advertises AI inference despite the manifest telling users not to use this skill for AI algorithms. This contradiction can mislead an autonomous agent or operator into bypassing intended skill separation, causing the wrong skill to be selected for more sensitive processing workflows.

Missing User Warnings

Medium
Confidence: 95%
Finding
The RTSP example embeds credentials directly in the connection URL and provides no warning about secret handling. This is dangerous because users may copy real usernames and passwords into shell history, logs, screenshots, or shared documentation, causing credential leakage and unauthorized access to cameras or streams.

VirusTotal

65/65 vendors flagged this skill as clean.
