ClawHub

Apple TV

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward Apple TV remote-control helper, with expected device-control risks that users should understand before installing.

Install this only if you want the agent to act as a remote for your Apple TV. Protect the appletv.json credential file, verify the pyatv/atvremote install source, and consider requiring confirmation for disruptive actions such as power control, navigation, volume changes, or launching apps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill invokes shell commands (`pipx install`, `atvremote`, and `scripts/appletv.py ...`) but does not declare permissions for shell capability. Undeclared execution capability weakens user and platform visibility into what the skill can do, and in this case it can directly control a local network device and change device state.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrase `TV` is overly broad and likely to match ordinary conversation, causing unintended activation. Because this skill performs state-changing actions such as pause, power off, navigation, and app launching, accidental invocation can lead to disruptive or unauthorized device control.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The description explains functionality but does not clearly warn users that the skill can perform state-changing operations on a physical/media device, including powering it off and launching apps. In context, this omission increases the chance of surprise actions and unsafe automation because users may interpret informational requests as harmless while the skill is capable of disruptive control.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal