Security audit

Yeelight Smart Home

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Yeelight smart-home integration that uses a local runtime and includes confirmation gates for persistent or high-impact actions.

Install this only if you trust the separately installed yeelight-home runtime and want an agent to manage your Yeelight home. Review any pending plan carefully, use the local approval flow for destructive or account-impacting actions, and never paste tokens, passwords, or cookies into chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description is extremely broad, covering control, diagnosis, personalization, recommendations, product knowledge, and persistent home changes without clear trigger boundaries or narrower eligibility criteria. In an agent setting, this increases the chance of over-invocation and accidental routing of ambiguous user requests into a high-impact smart-home control skill.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
Mandating brief natural Chinese for ordinary users without user opt-in or locale negotiation can cause the agent to respond in an unexpected language, undermining informed consent and clarity for safety-relevant home actions. In a smart-home context, misunderstanding confirmations, status, or failure messages can contribute to unsafe or unintended operations.

Vague Triggers

Medium
Confidence: 90%
Finding
The manifest enables implicit invocation for a skill that can control and diagnose a physical smart-home environment, but it does not define any clear trigger constraints, confirmation requirements, or scope limits in this file. That increases the chance the agent will invoke the Yeelight control runtime based on ambiguous user intent, causing unintended device actions, privacy-sensitive home queries, or excessive trust in automation.

Vague Triggers

Medium
Confidence: 93%
Finding
The intent catalog exposes a very broad set of high-impact read/write operations, including destructive and security-sensitive actions such as deleting homes, removing members, unlocking all devices, configuring gateways, executing scenes/behaviors, and modifying automations, without any visible scoping, separation, or exclusion guidance. In a smart-home skill, this materially increases the chance that an upstream agent, prompt injection, ambiguous user phrasing, or authorization mistake could trigger dangerous real-world actions affecting physical security, privacy, or account control.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.