Industrial Robot Control Skill - Unified API for Collaborative Robots

Security checks across malware telemetry and agentic risk

Overview

This skill is clearly for robot control, but it includes runnable examples and tests that can enable, move, or change outputs on real robots without strong safety gates.

Install only if you intentionally want an agent to interact with real industrial robot controllers. Before use, remove or replace hard-coded IPs, separate read-only diagnostics from live motion tests, require explicit human approval for enable/move/I-O actions, test in simulation or an isolated lab first, and keep trained operators, guarded workspace procedures, and emergency-stop access in place.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (78)

Intent-Code Divergence

Medium (95% confidence)
Finding:
The README gives inconsistent and easy-to-misapply guidance about robot motion speed semantics across APIs, mixing ratio-based joint speed with mm/s linear speed in a way that can confuse operators or developers. In a robotics control skill, parameter confusion can directly lead to unintended physical motion, unsafe speeds, collisions, or bypass of expected operating limits, so this is a real safety-relevant vulnerability in documentation.

Context-Inappropriate Capability

Medium (94% confidence)
Finding:
This script hard-codes a path to another skill's Python source and overwrites it, giving it cross-file modification capability that is unrelated to a narrowly scoped indentation utility. In a skill ecosystem, silent modification of another skill file can be abused for tampering, persistence, or accidental corruption, and the lack of validation or user confirmation makes the behavior unsafe.

Intent-Code Divergence

Medium (97% confidence)
Finding:
The logic appends the corrected next line but does not skip the original next line on the following loop iteration, so the source can end up with both the fixed and original line. That can corrupt Python code, change control flow, or leave a supposedly repaired exception handler in a broken state, making this an unsafe source-rewriting routine.

Intent-Code Divergence

Medium (91% confidence)
Finding:
The script presents a 'safe position' in the docstring and performs only informational checks on J3/J5, but it does not enforce those checks before commanding motion. In a robot-control context, executing movement despite out-of-range or otherwise unsafe starting conditions can cause collision, equipment damage, or operator injury, especially because the target pose is sent directly after a simple Enter confirmation.

Intent-Code Divergence

Medium (97% confidence)
Finding:
The method name and docstring claim it resets robot alarms, but the implementation only calls stop_motion(). In an industrial robotics context, this semantic mismatch can cause operators or higher-level automation to believe a fault has been cleared when it has not, leading to unsafe recovery logic, failed interlocks, or inappropriate resumption attempts.

Missing User Warnings

Medium (88% confidence)
Finding:
The usage examples show direct connection to robot controllers and, for DOBOT, immediate enabling of a physical robot without any safety warning, simulation-first guidance, or operator/environment checks. In a robotics skill, omission of these precautions materially increases the chance of unsafe activation or movement in the real world, making this more dangerous than a generic code example.

Missing User Warnings

Medium (93% confidence)
Finding:
The document advertises motion control, IO operations, emergency stop, and alarm reset for industrial robots without any safety warnings, operating prerequisites, or restrictions on use. In the context of physical robot control, omission of these warnings can normalize unsafe operation and increase the risk of injury, collision, or equipment damage if users invoke dangerous actions without proper safeguards.

Missing User Warnings

Medium (92% confidence)
Finding:
The document provides step-by-step upload and submission instructions for a robot-control skill package, but it does not warn that the included SDK and test scripts may move hardware, actuate IO, or otherwise affect connected systems if later executed by users. In a robotics context, omission of operational safety warnings increases the risk of accidental physical motion, equipment damage, or unsafe deployment because users may treat the package as routine documentation rather than software that can control real devices.

Missing User Warnings

Medium (94% confidence)
Finding:
The documentation provides example code that enables a physical robot and issues motion commands immediately, but it omits any safety warning, simulation-only caveat, workspace checks, or requirement for operator supervision. For a robotics skill, copy-pasteable commands that can energize and move hardware create a real risk of unintended physical motion, equipment damage, or operator injury if run against a live system.

Missing User Warnings

Medium (89% confidence)
Finding:
The report recommends joint-range testing and enabling advanced functions on a real robot, but it does not include clear operator safety guidance such as using an E-stop, maintaining a cleared work envelope, validating speed limits, or supervising first motion. In robotics documentation, omission of these precautions can lead users to perform hazardous physical movements in unsafe conditions, increasing risk of collision or injury.

Missing User Warnings

Medium (92% confidence)
Finding:
The code enables the robot immediately in start() by calling EnableRobot() without any operator confirmation, safety interlock check, or precondition validation. For physical systems, automatic energizing can create unsafe motion conditions or activate hardware unexpectedly, especially if this demo is reused in a real environment rather than a controlled lab setup.

Missing User Warnings

Medium (87% confidence)
Finding:
The README documents that each GetError call first sends an HTTP POST to change the robot's language, but it does not clearly warn that this operation modifies remote device state as a side effect of what appears to be a read-only error query. In operational or multi-client environments, repeated polling could unexpectedly change the robot UI/API language and interfere with other users, automation, or diagnostics.

Missing User Warnings

Medium (88% confidence)
Finding:
The README presents robot control examples as straightforward quick-start steps, but it does not require an explicit operator confirmation, dry-run mode, or other guardrails before motion commands are executed. In a robotics context, documentation that encourages immediate execution can contribute to unsafe real-world behavior, including collisions, equipment damage, or injury, especially for beginners using sample code on physical hardware.

Missing User Warnings

Medium (82% confidence)
Finding:
This script immediately connects to a network-addressable robot and starts control logic with no visible confirmation, safety interlock, or operator warning in the entrypoint. In robotics contexts, automatic startup can cause unexpected motion or remote actuation if the script is run unintentionally or in an unsafe environment, increasing the risk of physical harm or equipment damage.

Missing User Warnings

High (93% confidence)
Finding:
The UI exposes direct MovJ/MovL/joint movement actions that can immediately command a physical robot using operator-provided coordinates, but it provides no interlock, warning, confirmation, or safety-state validation before motion. In a robot-control context, accidental clicks, stale coordinates, or misuse can cause unexpected physical movement, creating collision and injury risk as well as equipment damage.

Missing User Warnings

High (96% confidence)
Finding:
The jog controls start continuous motion on button press and only stop on button release, without any user-facing safety disclosure or deadman-style safeguard. If UI events are missed, the operator misclicks, or the system is used remotely, the robot may continue moving unexpectedly, which is especially dangerous for nearby people and hardware.

Missing User Warnings

Medium (88% confidence)
Finding:
Enable/disable and digital output operations directly change hardware state, yet the UI performs them immediately without warning, confirmation, or contextual safety checks. Enabling a robot or toggling outputs can energize actuators or connected devices unexpectedly, potentially causing motion, tool activation, or unsafe process changes.

Missing User Warnings

High (98% confidence)
Finding:
This script connects to a physical robot at a hard-coded public IP, clears errors, enables the robot, and issues motion commands immediately without any operator confirmation, interlock check, workspace validation, or emergency-stop gating. In a robotics context, unaudited actuation is inherently dangerous because simply running the file can cause unexpected physical movement, creating collision, equipment damage, or human safety risks.

Missing User Warnings

High (98% confidence)
Finding:
The script enables a physical robot and immediately issues a joint-space movement command to a public IP-addressed device without any operator confirmation, interlock check, dry-run mode, or explicit safety prompt. In a robotics context, unaudited motion is inherently dangerous because it can cause collisions, pinch/crush injuries, or equipment damage if the workspace is not clear or the target angles are unsafe for the current tool and environment.

Missing User Warnings

High (97% confidence)
Finding:
The script enables a physical robot and issues multiple MovJ joint-motion commands immediately, without any operator acknowledgment, interlock check, or runtime safety gate. In a real robot environment, automatic motion can cause collisions, pinch/crush injuries, or equipment damage if the workspace is not cleared or the robot state is unsafe.

Missing User Warnings

Medium (94% confidence)
Finding:
This script connects to a publicly routable robot IP, enables the robot, and issues multiple motion commands without any explicit operator safety warning, preflight interlock, or confirmation step before physical movement. In robotics code, this is dangerous because users may run a 'test' script assuming it is harmless, while it can cause real-world motion that risks injury, collision, or equipment damage.

Missing User Warnings

High (98% confidence)
Finding:
This script connects to a publicly routable robot controller IP and issues live control commands including EnableRobot, digital/analog I/O writes, relative joint motion, and homing without any explicit safety interlock, operator confirmation, environment check, or warning banner. In a robotics context, executing motion and actuator commands from a test script can cause physical movement, equipment damage, or injury if run against a real system unexpectedly or by an unprepared user.

Missing User Warnings

High (98% confidence)
Finding:
The quick-start instructions show how to connect, enable, and move a physical robot without any immediate safety warning, precondition checklist, or requirement to verify clearance, E-stop readiness, reduced-speed mode, and human exclusion zone. For a skill that controls industrial hardware, omission of these warnings materially increases the risk of unsafe operation, injury, or equipment damage by users following the examples verbatim.

Missing User Warnings

High (95% confidence)
Finding:
The skill documentation exposes robot motion and IO control capabilities without any safety notice, operating constraints, or requirement for supervised use. In a physical robotics context, this omission can lead users to invoke movement commands in unsafe environments, creating real-world injury, equipment damage, or unintended actuator/IO activation.

Missing User Warnings

Medium (95% confidence)
Finding:
The CLI directly actuates robot digital outputs from user input with no confirmation, interlock, authorization, or safety warning. In an industrial robotics context, changing a digital output can energize tooling, grippers, relays, or external machinery, so a mistyped or scripted command could create immediate physical safety and equipment risks.

VirusTotal

VirusTotal findings are pending for this skill version.
