Xiaomi

Security checks across malware telemetry and agentic risk

Overview

This skill is aligned with Xiaomi smart-home control, but it needs Review because it handles device-control tokens and can issue physical appliance commands without enough safety or secret-handling guidance.

Install only if you are comfortable giving the agent local control over the listed Xiaomi devices. Treat Xiaomi tokens like passwords: do not paste them into shared chats, commit them to repositories, or store them in broadly readable markdown files. Review any token-extraction script before running it, and require explicit confirmation before commands that turn on power, heating, cooking, or other physical device states.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly promotes extracting Xiaomi device IPs and 32-byte local tokens from the user's account, but provides no warning that these are sensitive credentials. Those tokens can enable direct LAN control of smart-home devices, so exposing, storing, or mishandling them could let an attacker manipulate devices or map the user's home environment.

Missing User Warnings

Medium
Confidence: 97%
Finding
The setup instructions tell users to run a bundled token extraction script without any disclosure that it will access Xiaomi account/device credential material. In this skill's context, that is especially dangerous because the extracted data is immediately usable for local control commands, making accidental exposure of the script output or saved files a practical path to unauthorized device control.

VirusTotal

62/62 vendors flagged this skill as clean.
