ClawHub

Geeklink Home

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Geeklink smart-home LAN control, but it stores gateway credentials locally in plaintext while enabling real device and scene changes.

Review before installing. Use only on a trusted machine and trusted LAN, protect the pairing token like a password, and inspect or remove ~/.geeklink-home/config.json when you no longer want cached access. Be aware that this skill can monitor recent smart-home events while loaded and can change the state of connected devices and scenes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The CLI includes `skill prompt`, which prints the full system prompt. Exposing hidden operational instructions can leak internal behavior constraints, tool-usage logic, and prompt structure that make prompt-injection evasion, social engineering, or targeted misuse easier for anyone with local CLI access.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation instructs users to copy a sensitive pairing token and pass it on the command line without warning that it is effectively a credential. Such secrets can be exposed through shell history, process listings, screenshots, logs, or shared terminal transcripts, which could enable unauthorized control of the home gateway if obtained by another local user or support channel.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill documents scene activation and device control commands that can change real-world device state, but provides no safety warning or confirmation guidance. In a home-automation context, undocumented actuation risk can lead to unintended switching of lights, HVAC, or other connected devices, especially when natural-language mapping is involved.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The code persists `pairingToken` and `sessionToken` to a predictable file under the user's home directory without setting restrictive file permissions or warning the user. Any local process or user able to read that file could reuse those credentials to authenticate to the LAN gateway and control devices or query state.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal