Pet Poop Auto-Clean Trigger (Robot Vacuum Integration) | 宠物排便自动清理触发(联动扫地机)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to analyze pet videos, but its files also handle cloud history, account creation, tokens, personal identifiers, and health-analysis style results that are not clearly scoped to pet waste cleanup.

Install only if you are comfortable sending home video footage and a user identifier to the publisher's cloud service, and only after the publisher explains account creation, token storage, report history access, retention/deletion, and why health-analysis code and documentation are included in a pet cleanup skill.

SkillSpector (27)

By NVIDIA

Dynamic attribute access via getattr()

Low
Category
Dangerous Code Execution
Content
if filters:
    for key, value in filters.items():
        query = query.filter(getattr(self.__model__, key) == value)

if offset:
    query = query.offset(offset)
Confidence
81% confidence
Finding
query = query.filter(getattr(self.__model__, key) == value)

Dynamic attribute access via getattr()

Low
Category
Dangerous Code Execution
Content
    if filters:
        for key, value in filters.items():
            query = query.filter(getattr(self.__model__, key) == value)

    return query.scalar()
finally:
Confidence
80% confidence
Finding
query = query.filter(getattr(self.__model__, key) == value)

Description-Behavior Mismatch

Medium
Confidence
86% confidence
Finding
The skill says it only outputs vision-based event detection results, but it also saves uploaded media locally and fetches cloud-hosted historical reports. This is a scope/intent mismatch that can mislead users about data handling, retention, and external disclosure of their media and metadata.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The skill instructs reading config files to extract an api-key and repurpose it as a user's open-id, which mixes credentials with user identity in a way unrelated to the stated pet-video analysis function. This can lead to unauthorized secret harvesting, credential misuse, and cross-context abuse of sensitive configuration data.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The documented endpoints expose functionality that appears broader than the stated skill purpose, including generic 'health analysis', historical report pagination, and full report export. This kind of scope mismatch can indicate over-privileged integration or data-access paths that allow retrieval of unrelated sensitive records, increasing the risk of unauthorized data exposure through the skill.

Intent-Code Divergence

Medium
Confidence
86% confidence
Finding
The inline description frames the skill as a narrow automation trigger, but the API names suggest a broader health-analysis/reporting system behind it. This discrepancy is dangerous because it can mask access to a larger backend capability set than users or reviewers expect, undermining least privilege and potentially enabling access to sensitive analysis results or exports unrelated to pet waste cleanup.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The documented API response describes face detection and human health/constitution diagnosis outputs that are unrelated to the declared pet waste detection purpose. This mismatch strongly suggests the skill may invoke or expose a different backend capability than advertised, creating a risk of deceptive functionality, unauthorized biometric processing, or collection of sensitive health-related inferences from submitted videos.

Intent-Code Divergence

High
Confidence
100% confidence
Finding
The skill manifest explicitly states that the skill does not provide medical diagnosis, but the API documentation presents medical-diagnostic results and health warnings. This contradiction is dangerous because users and integrators may submit videos under false assumptions, while the service could actually perform sensitive health-related analysis outside the disclosed purpose.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
This API wrapper exposes list/add/edit/delete operations for camera or configuration records in addition to the stated analysis-trigger functionality. Even though this file is only a client/service layer, the capability expands the skill's operational scope beyond the manifest and can enable unauthorized inventory, modification, or deletion of device-related records if reachable by the agent or downstream callers.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The add/edit/delete methods appear to manage camera/device records, which is not justified by the described purpose of analyzing a provided video feed and emitting a cleanup trigger. In this context, hidden device-management capability is more dangerous because the skill interfaces with cameras in a home environment, so misuse could alter monitored devices, remove records, or change behavior outside the user's expected consent.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The file exposes historical report-listing capabilities that go beyond the manifest’s stated trigger-and-analysis purpose. This kind of scope drift can unintentionally reveal prior analyses, metadata, and report URLs to users or callers who only expected single-input pet-waste event detection, increasing the chance of unauthorized data exposure.

Description-Behavior Mismatch

Medium
Confidence
87% confidence
Finding
The result handling logic accepts and unwraps generic 'commonAiResponse' and especially 'healthAiResponse' structures that do not match the declared pet-waste monitoring function. In context, this suggests the skill may process or surface unrelated analysis domains, creating a risk of cross-purpose data leakage and accidental handling of health-related outputs under the wrong user expectations.

Intent-Code Divergence

High
Confidence
84% confidence
Finding
The comments and extraction logic refer to health/physique assessment fields while the skill is presented as pet-waste monitoring. This mismatch indicates probable code reuse from a health-analysis workflow, which can cause the skill to expose sensitive health-style outputs or connect to the wrong backend behavior, violating least privilege and user expectations.

Intent-Code Divergence

High
Confidence
84% confidence
Finding
The repeated paginated processing logic continues to extract health-assessment data during report listing, reinforcing that the implementation is inconsistent with the declared purpose. Repetition increases the chance that unrelated or sensitive report contents are systematically exposed across historical records rather than being an isolated comment issue.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
This file implements a generic user-account persistence layer, including a user model and DAO, even though the skill manifest describes a narrowly scoped pet-defecation video analysis and cleaning trigger function. Such overbroad capability increases attack surface and suggests collection of unrelated identity data with no clear necessity for the advertised skill behavior.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The User model stores tokens, open_token, email, birthday, sex, and age, which are sensitive authentication and personal profile fields unrelated to detecting pet waste from a fixed camera feed. In the context of this skill, collecting and persisting this data is disproportionate and raises privacy and credential-compromise risk if the local database is accessed or reused by other components.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The DAO derives its database path from an environment-controlled workspace and creates/writes a local database under that path, which is broader filesystem persistence than expected for a simple event-detection trigger skill. If the runtime environment is influenced by another component, this can cause unintended data placement, privacy exposure, or writing into sensitive/shared locations.

Description-Behavior Mismatch

High
Confidence
96% confidence
Finding
This utility silently performs external account login/registration and persists tokens, which is unrelated to the stated purpose of analyzing pet-waste video events. In a skill whose manifest suggests local or narrowly scoped vision processing, hidden identity provisioning and credential handling materially expands the trust boundary and can cause unauthorized data sharing, account creation, and long-lived credential storage without clear user consent.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The code can auto-provision accounts using a username/openId, retrieve tokens, and store them via DAO logic, despite the skill being described as a pet defecation detection trigger. That mismatch is dangerous because users would not reasonably expect background account lifecycle management and token persistence from a video-event detection skill, increasing the risk of privacy violations and abuse of stored credentials.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
Automatically saving uploaded attachments locally without a clear warning or consent introduces privacy and data-retention risk, especially for in-home camera footage. Users may reasonably expect transient processing, not persistent local copies of potentially sensitive household media.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill uses cloud APIs and remote URL processing for user media/history without clearly warning that data may leave the local device and be handled by external services. For home-monitoring video, undisclosed transmission can expose sensitive household imagery, timestamps, and behavioral patterns.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
Requesting a username or phone number as open-id for storing/querying reports introduces collection of personal identifiers without an accompanying privacy warning or minimization rationale. If mishandled, these identifiers can enable account correlation, unwanted retention, or privacy leakage tied to home-monitoring activity.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documentation instructs users to upload videos or provide public video URLs for analysis but gives no warning about privacy, retention, third-party access, or handling of incidental human subjects captured by fixed cameras. In this skill context, home surveillance footage from pet toileting areas may contain sensitive household imagery, making undocumented collection and transmission more risky.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The code reads the entire local file and uploads it for remote analysis without any in-file notice, consent prompt, or visible disclosure to the user. Because the skill deals with videos from inside homes, silent upload of local content raises meaningful privacy risk, especially if users assume processing is local or limited to event detection only.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script accepts either a local video path or a remote URL and forwards that input to downstream analysis logic without presenting any explicit notice, consent step, or data-handling warning to the user. In this skill's context, the videos are from inside homes and depict pet toilet areas, so remote processing can expose private household imagery and behavioral data if users are unaware that content may leave the local device.

Static analysis

Install untrusted source

Warn
Finding
Install source points to URL shortener or raw IP.

Dep not found on registry

Critical
Finding
1 package(s) referenced in dependency files do not exist on their public registries: yaml (pypi)

VirusTotal

VirusTotal findings are pending for this skill version.
