ClawHub

SmartThings Direct

Security checks across malware telemetry and agentic risk

Overview

This skill transparently enables authenticated SmartThings device and scene control through the official CLI, with real-world safety risks that are disclosed enough for a benign verdict but should be handled cautiously.

Install only if you want an agent to use authenticated SmartThings control for real devices in your home. Use explicit SmartThings wording when invoking it, protect OAuth/PAT credentials, and require confirmation before locks, HVAC changes, alarms, cameras, broad scenes, or any command that affects safety, privacy, comfort, or power use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The invocation description is broad enough to trigger on generic smart-home related language, increasing the chance the agent selects this skill when the user did not explicitly intend direct SmartThings control. Because this skill can issue real-world device commands, overbroad routing raises the risk of unintended device manipulation rather than being a purely cosmetic matching issue.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly advertises direct device control and scene execution while bypassing Home Assistant and Matter, but it does not prominently warn that commands may cause consequential physical actions in the home. In this context, missing safety guidance is significant because actions affecting locks, HVAC, lights, or scenes can impact security, safety, privacy, or property.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal