ClawHub

Alexa Cli.Bak

Security checks across malware telemetry and agentic risk

Overview

The skill matches its Alexa-control purpose, but it gives an agent broad smart-home and Alexa history access without enough safety or privacy guardrails.

Install only if you intend to let an agent operate Alexa and connected smart-home devices. Require explicit user confirmation for locks, thermostat changes, alarms, purchases if enabled, and all-device announcements; avoid history, calendar, and conversation retrieval unless specifically requested; and protect or remove the local Alexa config when access is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly enables real-world smart-home actions such as controlling lights, thermostats, locks, and timers, but it provides no safety guidance, confirmation requirements, or warning that these commands can affect physical devices and household security. In an agent setting, natural-language passthrough like `alexacli command` materially increases risk because a mistaken, malicious, or context-confused invocation could unlock or alter physical systems.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill exposes history, conversation listing, fragment retrieval, calendar queries, and Alexa+ conversation access without any privacy warning or data-sensitivity guidance. These features can reveal personal schedules, voice activity, device usage, and conversation content, which is especially risky when embedded in an agent that may surface or store retrieved data automatically.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal