ClawHub

Child Restless Sleep / Nightmare Detection | 儿童睡眠中频繁翻身/噩梦识别

Security checks across malware telemetry and agentic risk

Overview

This skill processes children’s bedroom audio/video and adds cloud history, identity/token storage, and mismatched health/face-analysis behavior that need careful review before installation.

Install only after confirming the publisher’s privacy practices, exact backend endpoints, retention/deletion policy, and parental consent flow. Do not provide child bedroom recordings, public video URLs, phone numbers, or reusable identifiers unless you are comfortable with remote processing and local token storage; the package should also fix the dependency name and remove unrelated pet, face, and medical-style analysis paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (24)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill requires obtaining an open-id from config files or user input and uses it for cloud save/query operations, extending the feature from media analysis into identity-linked account lookup and record retrieval. In the context of monitoring minors in bedrooms, tying intimate sleep recordings and reports to identifiers significantly raises privacy and tracking risk if mishandled or accessed without clear authorization.

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The workflow expands from local sleep analysis into cloud report management and remote historical retrieval, which materially broadens data processing beyond what users may expect from a monitoring skill. Because the content concerns children's night-time audio/video, hidden backend aggregation and retrieval increase the risk of sensitive report exposure, over-retention, and unauthorized access.

Description-Behavior Mismatch

Low
Confidence
86% confidence
Finding
Automatically saving uploaded media locally introduces persistence of highly sensitive child bedroom recordings without a clearly bounded necessity or retention policy. This creates avoidable privacy and breach risk because local copies can be exposed through weak permissions, backups, logs, or later unintended reuse.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The inline pet-type comment and related logic are inconsistent with a child bedroom monitoring skill, strongly suggesting copy-paste reuse from another domain. In a system handling highly sensitive child audio/video, this mismatch increases the risk that data is misclassified, routed to the wrong model or backend, or processed under incorrect policies, undermining privacy and safety assurances.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The analysis request injects a petType parameter into a child sleep monitoring workflow, which is materially inconsistent with the declared purpose of the skill. Because this skill processes continuous nighttime child audio/video, sending an unrelated classification parameter can cause sensitive data to be routed to the wrong service, model, tenant, or retention policy, creating significant privacy, integrity, and compliance risk.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The script is presented as a child bedroom monitoring and nightmare-detection tool, but its implementation routes analysis through generic pet-oriented configuration and APIs (`pet_type`, `DEFAULT__PET_TYPE`, and `skill.get_output_analysis`). In a child sleep-monitoring context involving sensitive bedroom video and audio, this mismatch creates a real security and privacy risk because users may send highly sensitive minors' data to a backend not designed, disclosed, or authorized for pediatric human surveillance data.

Intent-Code Divergence

High
Confidence
99% confidence
Finding
The documented API response is for a generic face and health-diagnosis service, including face detection and organ/constitution assessment, which does not match the declared purpose of child sleep and nightmare monitoring. In a child-bedroom monitoring context, this indicates undisclosed expansion into biometric and health inference on minors, creating serious privacy, consent, and data-minimization risks.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The referenced behavior expands beyond sleep monitoring into facial analysis and medical-style diagnosis, which is materially different from the advertised skill capability. This is dangerous because users may provide highly sensitive bedroom video of a child believing it is used for sleep analysis, while the service appears capable of extracting unrelated biometric and health information.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
Facial and medical-style diagnosis is unjustified for detecting rollovers, crying, and sleep talk, especially in a child-monitoring scenario. Processing children's bedroom footage to infer health or facial attributes increases the sensitivity of the data and raises the risk of misuse, overcollection, and noncompliant handling of minors' biometric information.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill accepts arbitrary http/https video URLs and forwards them to the backend analysis service, which broadens collection beyond the declared fixed child-bedroom camera scenario. In a child sleep-monitoring context, this scope expansion increases privacy and misuse risk because users can submit unrelated third-party or externally hosted surveillance footage without any purpose limitation or provenance checks.

Description-Behavior Mismatch

Medium
Confidence
81% confidence
Finding
The report-listing path exposes generic health-assessment fields that do not match the manifest's stated purpose of nightmare, rollover, cry, and sleep-talk detection. In a children's bedroom monitoring skill, surfacing broader health inferences represents data overreach and can reveal sensitive conclusions unrelated to the user-declared function.

Context-Inappropriate Capability

High
Confidence
92% confidence
Finding
The code explicitly handles face-analysis response data even though the skill is described as night-time sleep behavior monitoring, not facial analysis. In a child/infant bedroom setting, introducing face-analysis capability materially increases sensitivity, enabling biometric or physiognomic inference beyond the expected purpose.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The script accepts arbitrary remote URLs and forwards them for analysis without any allowlisting or scope restriction, which broadens the skill far beyond the stated fixed in-room camera scenario. In practice, this can enable analysis of attacker-chosen remote content and may create privacy, compliance, or server-side request misuse risks depending on how skill.get_output_analysis fetches the URL.

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The file defines persistent local user-account storage with username, email, birthday, token, and open_token fields, which is materially broader than the declared nightmare/rollover detection purpose. In a child bedroom monitoring skill, collecting and storing extra identity and authentication-like data increases privacy risk and expands the attack surface without clear functional justification.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
Persisting token and open_token values locally is sensitive secret storage that is not justified by the stated sleep-monitoring behavior. If the local SQLite database is read by another process or exposed through backup/logging mishandling, those tokens could enable account compromise or unauthorized API access, and the child-monitoring context makes unnecessary secret retention especially concerning.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
This utility code performs authenticated outbound API requests, injects tokens and user identity into requests, and can create remote accounts, which is far beyond the stated purpose of a local child sleep-monitoring skill. In the context of a bedroom camera/audio monitoring skill for children, undisclosed remote transmission and account provisioning materially increase privacy and data-handling risk, especially if sleep, audio, or device metadata is later routed through this shared helper.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The _get_or_create_user flow silently logs in or registers a remote user using phone/openId-style identifiers, with no clear relation to nightmare or rollover detection. For a child-monitoring skill, this creates unjustified identity linkage and backend account creation risk, enabling collection or correlation of sensitive household and child-related monitoring activity.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The code reads, persists, refreshes, and mutates tokens and user records in local storage, expanding the trust boundary from local analysis to credential lifecycle management. Even if intended as shared infrastructure, this exceeds the justified capabilities of a sleep-analysis skill and raises the chance of token misuse, cross-skill identity leakage, or unauthorized backend access.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The default trigger is broad enough to auto-activate on essentially any uploaded child sleep audio/video, which can cause sensitive analysis and downstream storage/transmission without an intentional user request. In a child-monitoring context, overbroad triggering is especially risky because it may process intimate bedroom media by default rather than through explicit, contextual consent.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill states that uploaded audio/video will be automatically saved locally without providing a clear, upfront user warning at the point of collection. For recordings of minors in bedrooms, undisclosed local retention is highly sensitive and can materially increase harm if the host is compromised, shared, or improperly administered.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill initiates cloud history queries using a user identifier and remote API without a clear upfront warning that personal identifiers and related report data will be transmitted off-device. In this context, that means sensitive child sleep metadata and potentially associated media/report links may be exposed to external systems without adequately informed consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation describes continuous overnight collection and analysis of a child's bedroom video and audio, including cry detection and sleep-talk recognition, but provides no explicit privacy, consent, retention, access-control, or data-handling safeguards. Because this involves highly sensitive data from minors in a private setting, the omission materially increases the risk of unlawful collection, over-retention, secondary use, or exposure of intimate recordings and inferred behavioral data.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The API documentation instructs users to upload videos or provide publicly accessible video URLs but gives no warning about privacy, retention, access control, or handling of sensitive bedroom recordings. Because the content involves night-time audio/video of children, the absence of explicit safeguards and disclosure materially increases the risk of sensitive data exposure.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The code performs HTTP requests and handles authentication tokens without any evident user-facing disclosure, consent, or indication that remote services are involved. For a child bedroom audio/video monitoring scenario, lack of transparency about networked processing is especially risky because users may reasonably expect local-only analysis while sensitive behavioral data is potentially tied to backend identities and APIs.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal