AIOZ Stream Toolkit

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed AIOZ Stream helper that uses user-provided API keys to upload selected videos and query account/media analytics.

Install only if you want an agent to operate your AIOZ Stream account. Use a dedicated or least-privileged API key if available, provide credentials through environment variables or a secret manager, confirm the exact video path and title before upload, and avoid pasting secret keys into chat or command history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill declares access to shell-capable tooling and scripts but does not declare permissions accordingly, which weakens review-time transparency and user trust. This matters because the skill can perform filesystem reads and network operations through bash/curl, yet its permission model does not clearly communicate that execution capability.

Tp4

High
Category
MCP Tool Poisoning
Confidence
89% confidence
Finding
The skill description emphasizes media upload and stream operations, but the documented behavior also includes retrieving account/user information and usage/billing-style analytics. That broader access increases privacy sensitivity and can cause users to authorize or invoke the skill without realizing it can access account metadata beyond the immediate requested media action.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill supports uploading local files to an external API but does not provide a clear user-facing warning that local file contents, filenames, titles, hashes, and related metadata will be transmitted off-host. Without that disclosure, users may unintentionally expose sensitive media or metadata to a third-party service.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The document instructs use of both a public key and a secret API key but provides no guidance on safe handling of the secret, increasing the chance operators paste it into logs, chat, shell history, or insecure scripts. In an agent skill context, this is more dangerous because users may supply credentials directly to automation, where they can be inadvertently exposed or reused across requests.

External Transmission

Medium
Category
Data Exfiltration
Content
Then upload via multipart form-data with the Content-Range header:

```bash
curl -s -X POST "https://api.aiozstream.network/api/media/VIDEO_ID/part" \
  -H "stream-public-key: $STREAM_PUBLIC_KEY" \
  -H "stream-secret-key: $STREAM_SECRET_KEY" \
  -H "Content-Range: bytes 0-$END_POS/$FILE_SIZE" \
```
Confidence
93% confidence
Finding
https://api.aiozstream.network/

VirusTotal

65/65 vendors flagged this skill as clean.
