ClawHub

Control Usb Relay

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it controls a USB relay, but users should treat it as real physical hardware control and review setup commands before running them.

Install only if you intend to let an agent switch a real connected device. Test first with no load or a harmless load, confirm every on/off action, do not rely on cached status as proof of physical relay state, avoid unattended automation for hazardous equipment, and review privileged setup commands such as dialout membership or curl-to-sudo before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The status APIs (`get_status`, `is_on`, `is_off`) report only an internally cached flag that is updated after writes, not the relay's actual hardware state. If the device is unplugged, externally changed, reset, or a write silently fails at the hardware level, callers may make safety-relevant decisions based on false state information, which is especially risky for code controlling physical equipment.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The guide encourages direct relay actuation of connected devices but does not warn about physical-world consequences such as energizing mains-connected equipment, unexpected device startup, or damage/injury risks. In a hardware-control skill, omission of safety guidance materially increases the chance that an agent or user triggers unsafe actions in the wrong context.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The automation examples show unattended loops that continuously switch hardware based on sensor input without any safeguards, timeout, fail-safe state, or warning about autonomous operation. This is dangerous because sensor faults, bad thresholds, or relay state drift could leave equipment cycling indefinitely or energized for long periods.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The setup instructs users to run `sudo usermod -a -G dialout $USER`, which changes system group membership and grants ongoing access to serial devices without explaining the security implications or clearly warning that a logout/login is required. On many systems, membership in `dialout` broadens hardware access and can expose connected devices or interfaces to misuse if the account is compromised.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The example code performs immediate relay actuation (`turn_on`/`turn_off`) without warning that this may energize or de-energize attached physical equipment. In a hardware-control skill, this omission can cause unsafe real-world effects such as switching mains-connected loads, motors, locks, or other actuators unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal