v0.1.0

Synology Surveillance

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:28 AM.

Analysis

The skill appears to control Synology cameras as advertised, but it asks for powerful surveillance credentials and can change camera/recording state, so it needs careful review before use.

GuidanceOnly install this if you are comfortable giving the agent access to your surveillance system. Use a dedicated least-privilege Synology account, do not use your NAS admin account, prefer HTTPS, avoid putting the password in TOOLS.md, and require manual confirmation before stopping recordings or moving cameras.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

`record <id> start|stop` | Aufnahme starten/stoppen ... `ptz <id> <direction>` | PTZ-Kamera bewegen ... `preset <id> <num>`

The skill exposes commands that can stop/start surveillance recordings and move cameras, but the instructions do not require explicit user confirmation or camera/action scoping for these high-impact operations.

User impactA mistaken or autonomous invocation could stop recording or move a security camera away from an important area.

RecommendationRequire explicit confirmation for recording changes, PTZ moves, and presets; restrict allowed camera IDs; and consider separating read-only commands from mutating commands.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

metadata

Required binaries ... none; Required env vars: none; Env var declarations: none; Primary credential: none; No install spec

The registry metadata does not declare the jq dependency, shell helper usage, Synology environment variables, or required credential handling that the SKILL.md and script describe.

User impactInstallation and credential expectations may be less visible to users or automated policy checks than they should be.

RecommendationDeclare required binaries, environment variables, and the Synology credential contract in metadata so users can review them before installing.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityHighConfidenceHighStatusConcern

SKILL.md

**Benutzer** mit Surveillance Station-Rechten ... **2FA deaktiviert** für den API-Benutzer ... `SYNOLOGY_USER` | admin ... `SYNOLOGY_PASS`

The skill requires account credentials with surveillance permissions, recommends disabling 2FA for that API user, and defaults the username to admin, which is high-impact access to a camera/security system.

User impactIf these credentials are misused or over-privileged, someone or the agent could view cameras, change camera positions, or affect recordings on the Synology system.

RecommendationUse a dedicated least-privilege Surveillance Station account, avoid admin credentials, prefer HTTPS, and do not disable 2FA on any broader-use account.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityMediumConfidenceHighStatusConcern

SKILL.md

Füge die Verbindungsdaten zu `TOOLS.md` hinzu: ... `User: surveillance_user` ... `Pass: dein_passwort`

The instructions tell the user to store the NAS username and password in a markdown tool/context file, which can persist beyond the immediate task and may be exposed to future agent context or file sharing.

User impactYour surveillance-system password could remain in a local agent-readable file and be accidentally reused, disclosed, or included in later context.

RecommendationStore secrets in environment variables or a proper secret manager instead of TOOLS.md, keep credential files out of shared context, and rotate the password if it has already been stored broadly.