三峰智能

Security checks across malware telemetry and agentic risk

Overview

This smart-home skill has a coherent purpose, but it can store a reusable home-control token and trigger broad real-world device changes from ambiguous scene phrases.

Review before installing. Use only in a trusted local workspace, assume state.json may grant access to your smart-home account, avoid ambiguous scene phrases, and clear the saved state or revoke the session when you no longer need the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High (95% confidence)
Finding
The skill declares that 'any mode/scene name' should trigger execution, which creates an overly broad activation surface and can cause unintended smart-home actions from ordinary conversation. In a home-automation context, accidental execution can directly affect physical devices such as lights, curtains, sockets, or HVAC, making this more dangerous than a normal intent-matching bug.

Ssd 3

High (99% confidence)
Finding
The skill explicitly instructs the agent to persist bearer tokens and home/device state in a local JSON file without any protection controls. Plaintext session storage increases the risk of token theft, account takeover, and unauthorized control of smart-home devices if the local state file is exposed to other skills, processes, users, logs, or backups.

Ssd 3

High (98% confidence)
Finding
The login workflow captures user-supplied account credentials, exchanges them for a token, and then persists sensitive session data for reuse. This creates a durable credential boundary crossing in which both secrets handling and long-lived session retention can expose the user's smart-home account to unauthorized access and device control.

VirusTotal

66/66 vendors flagged this skill as clean.
