Tasmota

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a real Tasmota device-management tool, but it needs review because it can scan your local network and send broad commands to smart-home devices without tight scoping or built-in confirmation.

Install only if you intend to let an agent discover and control Tasmota devices on a network you own or are authorized to scan. Review every scan and control action before running it, avoid raw Tasmota commands unless you understand their effect, and do not use discovery on workplace, guest, or shared networks without permission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding:
The skill clearly instructs the agent to perform local network scanning and device control through shell commands and HTTP requests, yet it declares no permissions. This creates a dangerous mismatch where operators and policy layers may not realize the skill can enumerate hosts and send control commands to smart devices, enabling unintended reconnaissance and physical-environment impact.

Description-Behavior Mismatch

Severity: Medium
Confidence: 94%
Finding:
The script includes an undocumented raw-command fallback that sends any user-supplied Tasmota command directly to the device, extending capability beyond the declared power/status/brightness/color operations. In an agent-skill context, this broadens the action surface to potentially dangerous administrative or configuration-changing commands, increasing the risk of unintended or unauthorized device modification.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding:
The description includes broad language such as 'any other Tasmota management operations,' which can cause the skill to be invoked for a wide range of network and device-control tasks beyond narrowly intended use. In a skill that can scan the LAN and manipulate devices, ambiguous routing increases the chance of overbroad activation and unauthorized or unsafe actions.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The markdown provides step-by-step instructions for ping sweeps, HTTP probing, inventory collection, and device state changes without warning that these actions can reveal network topology, collect device metadata, or alter real-world device behavior. In the context of local-network smart home control, omission of privacy and safety warnings makes misuse or accidental disruption more likely.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The raw command path transmits arbitrary commands over HTTP to the target device without any warning that the operation is networked and may change device state or configuration. In this skill context, that is more dangerous because the tool is specifically intended to control local-network smart devices, so silent execution of arbitrary commands can lead to disruptive or persistent changes beyond what a user expects.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The script performs automated ICMP and HTTP probing across the local /24 subnet without any consent prompt, scope confirmation, rate limiting, or warning that it will contact many devices. In an agent skill context, this can cause unintended network reconnaissance against user environments, violate policy expectations, and interact with devices that the user did not explicitly authorize scanning.

VirusTotal

66/66 vendors flagged this skill as clean.
