Kitchen Stove Left-On Detection | 老年人厨房忘关火识别

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill needs review because it handles sensitive in-home video and identifiers through cloud services, while its code and docs include unrelated health/face-analysis behavior and weak controls.

Install only after the publisher narrows the API and code to stove/occupancy detection, removes unrelated face/health analysis paths, documents exactly what video and identifiers are uploaded or stored, fixes the dependency manifest, and requires explicit consent and safeguards before any cloud history access or gas-valve automation.

SkillSpector (20)

By NVIDIA

Dynamic attribute access via getattr()

Severity: Low
Category: Dangerous Code Execution
Content
    if filters:
        for key, value in filters.items():
            query = query.filter(getattr(self.__model__, key) == value)

    if offset:
        query = query.offset(offset)
Confidence: 84%
Finding
query = query.filter(getattr(self.__model__, key) == value)

Dynamic attribute access via getattr()

Severity: Low
Category: Dangerous Code Execution
Content
        if filters:
            for key, value in filters.items():
                query = query.filter(getattr(self.__model__, key) == value)

        return query.scalar()
    finally:
Confidence: 83%
Finding
query = query.filter(getattr(self.__model__, key) == value)

Context-Inappropriate Capability

Severity: Medium
Confidence: 88%
Finding
A cloud historical-report query feature is introduced even though the primary purpose is real-time stove-left-on analysis. This creates unnecessary secondary data processing and broadens exposure of sensitive household monitoring records, increasing privacy risk and the chance of unauthorized access to prior reports.

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding
The skill requires collecting an open-id from config files or directly from a username/phone number, which exceeds what is needed for basic visual analysis. Tying household surveillance workflows to personal identifiers raises privacy risk, and reading identifiers from local config locations can expose secrets or cause unintended cross-user data access if reused across environments.

Description-Behavior Mismatch

Severity: Medium
Confidence: 86%
Finding
The file states that the skill should only output visual judgments and warnings, yet elsewhere it instructs local file saving, cloud API retrieval, and report-history operations. This inconsistency is dangerous because it obscures the true data lifecycle and can cause users to underestimate storage and transmission of sensitive kitchen footage and associated metadata.

Description-Behavior Mismatch

Severity: High
Confidence: 98%
Finding
The documented API endpoint is for generic video analysis that returns face detection and health/diagnosis data, which is materially unrelated to a stove-left-on safety skill. This mismatch suggests the skill may transmit kitchen video to an external service capable of collecting biometric and inferred health information far beyond what is necessary, creating a serious risk of undisclosed surveillance, sensitive data overcollection, and purpose drift.

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding
Face detection and organ/health-condition diagnosis from kitchen video are not justified by the stated purpose of unattended stove detection. In the context of elderly-care monitoring, this is especially dangerous because it can capture highly sensitive biometric and health inferences about a vulnerable population without a clear operational need, increasing privacy, discrimination, and regulatory risk.

Description-Behavior Mismatch

Severity: High
Confidence: 97%
Finding
The implemented logic for report listing and parsing is inconsistent with the declared stove-left-on safety function and instead processes generic/health-analysis fields such as `healthAiResponse` and body-condition assessments. In a safety-critical skill that may trigger alerts or automatic gas-valve shutdown, this kind of capability mismatch can cause operators to rely on a system that is not actually performing the advertised hazard detection, creating a dangerous false sense of protection.

Intent-Code Divergence

Severity: Medium
Confidence: 90%
Finding
The code comments and rendered outputs present generic analysis reports while the actual parsed fields reference health/body-condition assessment data, which directly contradicts the stove-detection safety use case. This mislabeling can mislead users, integrators, or caregivers into believing the returned result is relevant to unattended-stove detection when it is not, increasing the risk of missed hazards or inappropriate automated actions.

Context-Inappropriate Capability

Severity: Low
Confidence: 76%
Finding
The script accepts arbitrary remote URLs and forwards them to backend analysis without restricting them to trusted camera sources or validating scheme/host. In a safety-monitoring context, this expands the trust boundary and can enable misuse of the service to analyze unintended external content, and depending on backend behavior may facilitate server-side fetching of attacker-controlled URLs.

Description-Behavior Mismatch

Severity: Medium
Confidence: 96%
Finding
This shared utility performs broad authenticated HTTP access, token management, and conditional user provisioning that go far beyond a stove-monitoring skill's stated purpose. In this context, the extra capability materially increases data exposure and abuse potential because any caller of this utility can transmit identifiers, tokens, and arbitrary payloads to backend services unrelated to detecting unattended stove flames.

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding
The _get_or_create_user helper silently logs in or registers a user using phone/openId-derived data with 'silent' and 'register' flags, without any visible consent flow. That creates an unauthorized identity-provisioning path and can expose personal identifiers or create accounts unexpectedly, which is unjustified for a kitchen-camera stove detection feature.

Context-Inappropriate Capability

Severity: Medium
Confidence: 93%
Finding
The code loads, persists, mutates, and refreshes authentication tokens in local storage through DAO operations, even though token lifecycle management is unrelated to the declared detection function. This expands the blast radius of compromise: leaked or corrupted local token state can enable unauthorized API access or cross-user confusion.

Missing User Warnings

Severity: Medium
Confidence: 83%
Finding
The skill involves continuous kitchen video monitoring and cloud/API handling of highly sensitive in-home footage, but the description does not prominently warn users about these privacy implications up front. In a domestic elder-care context, this is especially sensitive because it captures daily routines inside a private home and may expose vulnerable individuals to surveillance or data leakage risks.

Missing User Warnings

Severity: High
Confidence: 95%
Finding
The skill describes automatic gas-valve shutdown based on AI detection without a prominent warning about false positives, misclassification, or the risks of autonomous physical-world actions. In a real kitchen, erroneous shutoff can disrupt cooking, create confusion for elderly users, and erode trust in safety systems; any automated actuator tied to imperfect vision signals needs strong safeguards.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The API supports uploading videos or submitting public video URLs for analysis, but the documentation provides no warning or controls around privacy, retention, access, or handling of biometric/health-related data. Because the skill continuously monitors a home kitchen and may involve elderly users, omission of these safeguards materially increases the chance of sensitive video exposure and misuse.

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding
The skill reads arbitrary local video files and uploads their full contents to a remote API, but this file contains no user-facing disclosure, consent prompt, or data-handling notice. Because the described use case involves continuous kitchen monitoring in elder-care settings, undisclosed upload of household video can expose highly sensitive visual data and create privacy, compliance, and trust risks.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The tool can analyze a local file or remote URL through backend APIs, but there is no user-facing disclosure that video content may be transmitted off-device. Because the described use case involves continuous kitchen monitoring in elder-care settings, silent transmission of household video creates meaningful privacy and consent risk.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The script requires an `open-id` that may be a user ID, username, or phone number, but gives no explanation of why it is collected, how it is stored, or where it is sent. In an elder-care/home-monitoring setting, collecting identifiers without disclosure increases privacy, compliance, and misuse risks.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The request flow transmits user identifiers, app identifiers, tenant data, and authentication headers to remote services, while the code provides no user-facing notice or consent mechanism outside debug logging. For a home-monitoring skill processing sensitive household context, undisclosed backend transmission increases privacy and compliance risk and could surprise users about where their data goes.

Static analysis

Install untrusted source

Severity: Warn
Finding
Install source points to URL shortener or raw IP.

Dep not found on registry

Severity: Critical
Finding
1 package(s) referenced in dependency files do not exist on their public registries: yaml (pypi)

VirusTotal

VirusTotal findings are pending for this skill version.
