ClawHub

embedded-engineer

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only embedded engineering skill with useful examples, but some sample firmware patterns are unsafe if copied into production unchanged.

Reasonable to install as a reference skill. Do not deploy the examples unchanged: replace sample credentials, use TLS and authentication for MQTT/web endpoints, require signed and verified HTTPS OTA updates, and gate reset/reboot/control actions behind explicit physical or authenticated admin controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The example implements remote firmware update logic that fetches update metadata and binaries from network locations and installs them automatically, including restart behavior. In the provided code this is done over plain HTTP and without any visible authentication, integrity verification, certificate validation, or operator approval, which creates a realistic path to remote code execution on the device.

Context-Inappropriate Capability

Low
Confidence
84% confidence
Finding
The web server and WebSocket endpoints expose live device and system state and add an unnecessary remotely reachable service surface for an example skill whose purpose is general embedded engineering assistance. Because no authentication, authorization, or transport protection is shown, the example normalizes insecure service exposure and could leak operational telemetry or become an entry point for further attacks.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The markdown presents code that automatically checks for and installs OTA updates over HTTP, then restarts the device, without prominently warning readers that it performs remote retrieval and code replacement. In sample code, this is dangerous because users often copy it verbatim, turning documentation into a deployment of insecure update logic vulnerable to man-in-the-middle or malicious server compromise.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The example includes a factory reset routine that formats SPIFFS, clears Wi‑Fi credentials, and reboots, triggered by button presses, but the markdown does not clearly warn that this is destructive behavior. Even though physical interaction is required, undocumented destructive operations can cause denial of service, loss of configuration, and accidental device deprovisioning when copied into production firmware.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal