This skill enables broad command execution, exposes WiFi credentials
Claims to do
GeekMagic SmallTV Ultra: Control, customize, and develop firmware for the GeekMagic SmallTV Ultra — an ESP8266-based IoT device with a 240x240 TFT display, controlled entirely over HTTP with no authentication.
Actually does
This skill uses `curl` to interact with the GeekMagic SmallTV Ultra's HTTP API for control, configuration, and file uploads (images/GIFs). It manages device IP and firmware version in a local `.claude/geekmagic-smalltv-ultra.local.md` file. It also provides instructions for firmware development using `PlatformIO` and references GitHub repositories for alternative firmware and source code.
Shell command execution function detected
system (
The skill explicitly uses `curl` for network requests, `python` for scripting, and mentions `pio run` for building firmware and `git clone` for source code. This grants the agent broad command execution capabilities on the host system.
`curl -s http://{IP}/v.json`, `import requests`, `import psutil`, `pio run`, `git clone`
The skill's primary function includes installing and updating device firmware via OTA, which can lead to device bricking if an incorrect or malicious firmware image is flashed. The skill also mentions downloading firmware from external sources.
Firmware update: OTA via `/update` page (upload .bin file), Install Alternative Firmware, Flash via OTA: upload `.bin` to `http://{IP}/update`, Download matching stock `.bin` from https://github.com/GeekMagicClock/smalltv-ultra
The target device exposes WiFi SSID and password via the `/config.json` endpoint without authentication. The skill documents this sensitive endpoint, making it possible for the agent to retrieve these credentials.
`/config.json` | WiFi SSID and password (sensitive!)
The skill includes Python code examples that use the `psutil` library to gather CPU, RAM, and disk usage statistics from the agent's host system. This allows the agent to perform reconnaissance on its execution environment.
`import psutil`, `psutil.cpu_percent()`, `psutil.virtual_memory().percent`, `psutil.disk_usage('/').percent`
The skill documents several unauthenticated HTTP endpoints that can perform destructive actions on the device, such as factory reset, wiping WiFi credentials, deleting all uploaded files, and rebooting.
Destructive Endpoints — Never Call Without User Confirmation, `/wifisave`, `/set?reset=1`, `/set?clear=image`, `/delete?file={path}`
The skill reads and writes configuration data (device IP, model, firmware version) to a local file `.claude/geekmagic-smalltv-ultra.local.md`. This establishes a persistence mechanism for device settings.
Check for saved device settings at `.claude/geekmagic-smalltv-ultra.local.md`, create the settings file
The skill allows uploading images and GIFs to the target device's internal storage via HTTP POST requests. While intended for display, this could be abused to fill device storage or potentially upload malicious content if the device were to execute it.
`POST /doUpload?dir=/image/`, `curl -F "file=@dashboard.jpg" "http://{IP}/doUpload?dir=/image/"`