Low risk: risk score 15/100
Last scanned: 20 hours ago
webcam-monitor
Webcam motion detection and monitoring system for WSL2 with USB/IP passthrough
This is a legitimate webcam motion detection and monitoring tool using standard Python libraries (OpenCV). No malicious code, credential theft, or data exfiltration detected. Minor documentation gaps and a script filename mismatch exist but don't represent security threats.
Skill name: webcam-monitor
Analysis time: 36.1s
Engine: pi
OK to install
Safe to use. Consider improving documentation transparency about image storage and person identification features.

Security findings: 3

Severity / Finding / Location
Low
Image storage not explicitly documented (category: documentation deception)
SKILL.md describes the motion detection and snapshot features but doesn't explicitly state that images are saved to ~/.openclaw/workspace/camera/snapshots/
Saves snapshots to ~/.openclaw/workspace/camera/snapshots/
→ Add explicit statement about persistent image storage
SKILL.md:1
Low
Script filename mismatch (category: documentation deception)
snapshot.sh references 'motion_detector.py' but the actual file is named 'motion_detector_headless.py', causing the script to fail
/usr/bin/python3.10 motion_detector.py --snapshot
→ Update snapshot.sh to reference motion_detector_headless.py
scripts/snapshot.sh:6
Low
Hardcoded person identification strings (category: sensitive access)
watcher_with_cleanup.py contains hardcoded identification data for specific individuals ('Jade OR Sarah') with physical descriptions
Person: Jade OR Sarah (home office/living room, cat tree)
→ Move identification profiles to a configurable external file
scripts/watcher_with_cleanup.py:57
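| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | READ | WRITE | ✓ Consistent | Writes to ~/.openclaw/workspace/camera/ directories |
| Network access | READ | READ | ✓ Consistent | Local-only HTTP server on port 8081 |
| Command execution | NONE | NONE | | No subprocess calls found |
| Environment variables | NONE | NONE | | No environment variable access |
| Browser | NONE | NONE | | No browser automation |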

Directory structure

6 files · 23.2 KB · 719 lines
Python 4f · 542L Markdown 1f · 172L Shell 1f · 5L
├─ 📁 scripts
│ ├─ 🐍 cleanup.py Python 71L · 2.2 KB
│ ├─ 🐍 motion_detector_headless.py Python 172L · 6.1 KB
│ ├─ 🔧 snapshot.sh Shell 5L · 130 B
│ ├─ 🐍 watcher_with_cleanup.py Python 125L · 4.3 KB
│ └─ 🐍 web_preview.py Python 174L · 5.7 KB
└─ 📝 SKILL.md Markdown 172L · 4.8 KB

Security highlights

✓ No base64-encoded or obfuscated code found
✓ No credential harvesting or environment variable iteration
✓ No remote script execution (curl|bash, wget|sh)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No data exfiltration or C2 communication
✓ No reverse shell or RCE capabilities
✓ Uses only standard, well-known libraries (cv2, numpy, pathlib)
✓ Network activity is local-only (localhost:8081)
✓ File system access is confined to designated directory