ClawHub
Back to skill
v1.0.0

imac-cam

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:55 AM.

Analysis

The skill does capture the iMac camera as described, but it also starts an unauthenticated background web server from /tmp that can expose the camera image and other temporary files.

GuidanceReview carefully before installing. This is a camera-capture skill, so it should only be used on a machine you control and with consent from anyone who may be recorded. Safer behavior would restrict the server to a single image, bind it to localhost, require an access token, stop the server after viewing, and remove /tmp/cam_capture.png after use.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
SeverityMediumConfidenceHighStatusConcern
capture.py
subprocess.Popen(['python3', '-m', 'http.server', '8765'], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
...
subprocess.run(['osascript', '-e', 'tell application "Photo Booth" to quit'], capture_output=True)

The script launches the HTTP server as a background process and later quits Photo Booth, but the artifacts do not show any corresponding shutdown of the server.

User impactThe web server may continue running after the camera task is finished, keeping the captured file and /tmp directory reachable longer than the user expects.
RecommendationStop the HTTP server after the user has viewed the image, provide an explicit cleanup command, and avoid detached background services unless clearly requested.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusNote
capture.py
subprocess.run(['osascript', '-e', 'tell application "Photo Booth" to activate'], ...)
...
subprocess.run(['/usr/sbin/screencapture', '-x', '-R' + rect, CAPTURE_FILE], ...)

The implementation uses macOS automation and screen capture to activate Photo Booth and save an image of the camera window. This matches the stated purpose but uses privacy-sensitive local permissions.

User impactWhen invoked, the skill can open the camera app and capture an image from the camera window.
RecommendationInstall only if you are comfortable granting camera/screen/automation permissions for this purpose, and prefer explicit user confirmation before each capture.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityHighConfidenceHighStatusConcern
capture.py
os.chdir('/tmp')
subprocess.Popen(['python3', '-m', 'http.server', '8765'], ...)
...
print(f"查看地址: http://{ip}:8765/cam_capture.png")

The skill serves files from /tmp and advertises a network IP URL for the camera capture, with no artifact evidence of authentication, localhost-only binding, file scoping, or access control.

User impactAnyone who can reach that server may be able to view the camera screenshot and potentially other temporary files in /tmp.
RecommendationServe only the captured image from a dedicated directory, bind to localhost unless the user explicitly requests network sharing, add authentication or a one-time token, and delete the image after use.