qrcode-scan

Security checks across malware telemetry and agentic risk

Overview

This is a coherent QR code utility with documented URL scanning and WiFi QR handling, but users should be careful with remote URLs and WiFi passwords.

Install only if you are comfortable with a QR tool that can fetch user-provided image URLs and process WiFi credentials. Prefer local files for sensitive QR codes, avoid scanning internal or untrusted URLs, and avoid putting real WiFi passwords in command-line arguments or printed output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The scanner supports fetching images from arbitrary remote URLs, but this capability is not disclosed in the skill description. In an agent setting, hidden network access expands the trust boundary and can enable SSRF-style access to internal resources or unexpected outbound requests when users believe they are only processing local image data.

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
The function auto-detects whether a string is a URL and then performs a network request implicitly. This is dangerous because a caller intending to pass text or a path may unintentionally trigger outbound access, creating an undocumented network primitive that can be abused for SSRF or to exfiltrate request metadata in agent environments.

Missing User Warnings

Medium
Confidence: 79%
Finding
The documentation normalizes generating and parsing WiFi QR codes containing plaintext credentials without warning that SSIDs and especially passwords are sensitive secrets. This can lead downstream agents or users to log, echo, store, or share network credentials unintentionally, increasing exposure risk in chats, terminals, and generated files.

Missing User Warnings

Medium
Confidence: 92%
Finding
This example directly prints the parsed WiFi password in plaintext, creating a concrete insecure usage pattern that operators and agents may copy verbatim. In real environments this can expose credentials in console history, logs, screenshots, or transcripts, making compromise of the WiFi network more likely.

Missing User Warnings

Medium
Confidence: 90%
Finding
User-supplied URLs are fetched over HTTP(S) without any disclosure in the relevant code path. In a skill or automation context, silent remote fetching can surprise users and operators, and it increases risk by allowing attacker-chosen endpoints to receive requests from the execution environment.

VirusTotal

64/64 vendors flagged this skill as clean.
