Didit Liveness Detection

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Didit liveness-check skill, but it handles sensitive face images and should be used only with consent and clear retention expectations.

Install only if you intend to send selfie images to Didit for biometric liveness analysis. Use a dedicated API key, avoid exposing credentials in prompts or logs, obtain appropriate consent before processing face images, and check Didit's retention and Business Console settings, especially because saved API requests appear to be enabled by default.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 84%
Finding
The manifest description narrows the apparent scope of the skill while the body documents additional biometric profiling and screening capabilities such as age/gender estimation, duplicate-face detection, and blocklist matching. Understating surveillance or biometric-processing scope can mislead users and downstream agents into sending sensitive data without informed consent or appropriate policy checks.

Intent-Code Divergence

Medium
Confidence: 88%
Finding
A skill presented as a narrow passive-liveness verifier also includes account registration, email verification, billing, and top-up instructions. Expanding scope into credential creation and payment flows increases the risk that an agent could be induced to perform unrelated account or financial operations beyond the user's expected intent.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documentation instructs transmission of a selfie for biometric analysis and describes sensitive outputs such as liveness, age, gender, blocklist matching, and duplicate-face detection without an explicit privacy warning or data-handling notice. Because biometric images and derived attributes are highly sensitive, lack of clear disclosure can lead to uninformed collection, retention, or third-party processing.

Missing User Warnings

Medium
Confidence: 95%
Finding
The parameter `save_api_request` defaults to true, implying uploaded biometric request data may be retained in the vendor's Business Console, yet the documentation does not prominently warn users of this storage behavior. Silent default retention of selfies and related metadata materially increases privacy and compliance risk, especially for biometric data.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script uploads a biometric face image and optional vendor/session identifier to a third-party service, but it provides no explicit notice, consent prompt, or privacy disclosure at the point of collection. Because facial imagery is highly sensitive personal data, silent transmission can create privacy, compliance, and user-trust risks, especially in regulated environments.

VirusTotal

65/65 vendors flagged this skill as clean.
