ClawHub

test-restaurant-inspection

Security checks across malware telemetry and agentic risk

Overview

This skill openly uses Ezviz camera snapshots and Ezviz AI services for restaurant inspections, with sensitive but disclosed behavior.

Install only if you are authorized to inspect the configured cameras and send snapshots to Ezviz services. Use least-privilege Ezviz credentials, prefer environment variables over command-line secrets, review any created Ezviz agent, and confirm workplace privacy or compliance requirements before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill declares sensitive capabilities in metadata (`env` secrets and external network use) and documents automatic calls to third-party APIs, but it does not expose an explicit permission model for users approving those actions. This creates a transparency and consent gap: the skill can access credentials and send camera-derived data off host without a formal permissions declaration beyond descriptive text.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script captures images from surveillance devices and transmits them to remote Ezviz analysis services without any consent prompt, privacy notice, masking, or policy check. Because restaurant camera images can contain employees, customers, and operationally sensitive areas, this creates a real privacy and compliance risk even though the transmission is part of the intended workflow.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal