Smallest Ai

Security checks across malware telemetry and agentic risk

Overview

This is a coherent cloud speech skill, but users should understand that the text they select and the audio they record are sent to Smallest AI for processing, and that generated audio may be saved locally.

Install only if you are comfortable sending selected text, audio recordings, transcripts, and related options to Smallest AI for processing. Avoid submitting confidential, regulated, or third-party recordings without consent, keep SMALLEST_API_KEY private, and use custom --out paths carefully, because they can overwrite existing local files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (12)

Missing User Warnings

Severity: Medium; confidence 88%
Finding
The plan explicitly sends user/agent text and an API credential to a third-party TTS provider, but it does not require any user-facing disclosure, consent flow, or operator warning about external data processing. In systems that may handle sensitive prompts, replies, or personal data, this can lead to unintentional privacy and compliance violations because content is transferred off-platform to an external service.

Missing User Warnings

Severity: Medium; confidence 90%
Finding
The README promotes a voice-note loop where incoming audio is transcribed and a reply is generated, but it does not clearly disclose that user audio and message content will be sent to Smallest AI's external service for processing. In a messaging context, users may assume processing is local or agent-internal, which creates a real privacy and consent risk for potentially sensitive personal or business communications.

Missing User Warnings

Severity: Medium; confidence 92%
Finding
The README advertises transcription of voice notes, recordings, and meetings, including speaker labels and summaries, without warning that these privacy-sensitive audio files are processed by an external API. Meeting recordings often contain confidential, regulated, or third-party data, so omission of this disclosure can lead to unsafe deployment and unconsented sharing.

Missing User Warnings

Severity: Medium; confidence 94%
Finding
The skill instructs the agent to send user text or audio, along with use of an API credential, to an external third-party service but does not provide a user-facing privacy notice or transmission warning. Users may unknowingly submit sensitive speech, transcripts, or personally identifying information to a remote vendor, which is especially risky for audio content that may contain biometric or confidential data.

Missing User Warnings

Severity: Medium; confidence 97%
Finding
Advertising voice cloning without any consent or biometric privacy warning is a meaningful safety issue because cloned voices can impersonate real individuals and misuse sensitive biometric traits. In a voice-generation skill, this context makes the omission more dangerous, since the feature is directly aligned with fraud, harassment, and non-consensual voice replication risks.

Vague Triggers

Severity: Medium; confidence 86%
Finding
The trigger guidance includes very broad phrases such as 'say', 'speak', 'read aloud', and 'transcribe', which are common in ordinary conversation and can cause the skill to activate unintentionally. Because this skill can send text/audio to an external service, unintended invocation may lead to unnecessary data disclosure, charges, or surprise generation/transcription actions.

Missing User Warnings

Severity: Low; confidence 84%
Finding
The document instructs users to authenticate with a bearer API key and even shows a placeholder key value, but it provides no guidance about keeping secrets out of source control, logs, shell history, or shared examples. In an API reference for a skill whose snippets are likely to be copied into code, this omission can contribute to accidental credential exposure, though it is a documentation weakness rather than an active exploit.

Missing User Warnings

Severity: Medium; confidence 92%
Finding
The script uploads raw audio to an external third-party service, but the runtime UX does not clearly warn the user that local audio contents may leave the machine and be processed remotely. For speech files, this can expose sensitive personal, corporate, or regulated content, making the omission a meaningful privacy/security issue in this skill context.

Missing User Warnings

Severity: Medium; confidence 96%
Finding
The script uploads the user-supplied audio file to a third-party API, which is an external transmission of potentially sensitive voice content. While this is expected for a cloud STT skill, the script itself does not prominently warn at execution time that local audio and derived metadata may leave the device, so users may disclose private conversations unintentionally.

Missing User Warnings

Severity: Medium; confidence 87%
Finding
The script transmits arbitrary user-provided text to an external TTS provider without an explicit user-facing notice or consent prompt in the execution flow. In a skill context, users may provide sensitive content assuming local processing, so silent third-party transmission creates a real privacy and data-handling risk.

Missing User Warnings

Severity: Medium; confidence 95%
Finding
The script sends arbitrary user-supplied text to a third-party TTS provider without any explicit warning, consent check, or privacy notice at execution time. This can expose sensitive or regulated content if users assume processing is local, especially because the skill is designed to read arbitrary text aloud and the transmission is central to its operation.

External Transmission

Severity: Medium; confidence 93%
Category: Data Exfiltration
Content
TMPFILE=$(mktemp)
trap "rm -f $TMPFILE" EXIT

HTTP_CODE=$(curl -s -w "%{http_code}" -o "$OUT" \
  --connect-timeout 10 \
  --max-time 30 \
  -X POST "https://api.smallest.ai/waves/v1/lightning-v3.1/get_speech" \
  -H "Authorization: Bearer $API_KEY" \
  -H "
(excerpt truncated in the scanner output)
Finding
The quoted script POSTs the request to https://api.smallest.ai/waves/v1/lightning-v3.1/get_speech with the API key in a bearer Authorization header and writes the response body to "$OUT", so both the user-supplied text and the credential leave the machine on every invocation. Passing the key as a -H argument also exposes it to anything that can read the process list or a shell trace of the script.
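The guards the findings above call for, applied to the get_speech call quoted in the External Transmission finding: an execution-time notice that the text leaves the device, a refusal to overwrite an existing --out file, SMALLEST_API_KEY read only from the environment and passed to curl through a config file rather than on the command line, and a check of the HTTP status before treating the output as audio. This is an added example, not the skill's own script; the request body shape {"text": ...}, the Content-Type header, and the SMALLEST_DRY_RUN variable are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not the skill's own script: a guarded wrapper around the
# get_speech call quoted above. It refuses to overwrite an existing --out
# file, reads SMALLEST_API_KEY only from the environment and hands it to curl
# through a 0600 config file so the key never appears in `ps` output or a
# shell trace, prints an explicit off-device transmission notice before
# sending, and checks the HTTP status. SMALLEST_DRY_RUN=1 skips the network.
set -u

ENDPOINT="https://api.smallest.ai/waves/v1/lightning-v3.1/get_speech"

# The output path is safe when its directory exists and the file does not.
check_out_path() {
  out="$1"
  [ -n "$out" ] || { echo "error: --out path required" >&2; return 1; }
  [ -d "$(dirname -- "$out")" ] || { echo "error: no such directory for $out" >&2; return 1; }
  [ ! -e "$out" ] || { echo "error: refusing to overwrite existing file $out" >&2; return 1; }
}

# The key must be present; its value is never printed.
check_api_key() {
  [ -n "${SMALLEST_API_KEY:-}" ] || { echo "error: SMALLEST_API_KEY is not set" >&2; return 1; }
}

# Escape backslash, double quote and newline so arbitrary user text can be
# placed inside a JSON string literal.
json_escape() {
  printf '%s' "$1" \
    | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' \
    | awk '{ printf "%s%s", (NR > 1 ? "\\n" : ""), $0 }'
}

# speak TEXT OUT: synthesize TEXT into OUT. Returns 0 on HTTP 200 (or in
# dry-run mode), non-zero on any guard failure or non-200 response.
speak() {
  text="$1"; out="$2"
  check_out_path "$out" && check_api_key || return 1

  # The user-facing notice the findings above ask for: content leaves the device.
  printf 'NOTICE: sending %d characters of text to %s for off-device processing.\n' \
    "${#text}" "$ENDPOINT" >&2

  # Request body shape is an assumption for this example; confirm the field
  # names against the provider's API reference before use.
  body="{\"text\":\"$(json_escape "$text")\"}"

  # mktemp creates the file with mode 0600; the key is written there, not on
  # the curl command line, and the file is removed as soon as curl returns.
  cfg=$(mktemp) || return 1
  printf 'header = "Authorization: Bearer %s"\n' "$SMALLEST_API_KEY" > "$cfg"

  if [ -n "${SMALLEST_DRY_RUN:-}" ]; then
    echo "dry-run: would POST ${#body} characters to $ENDPOINT and write $out (key redacted)" >&2
    rm -f "$cfg"
    return 0
  fi

  http_code=$(curl -s -w '%{http_code}' -o "$out" \
    --connect-timeout 10 --max-time 30 \
    -K "$cfg" -X POST "$ENDPOINT" \
    -H 'Content-Type: application/json' \
    --data-binary "$body")
  rm -f "$cfg"

  if [ "$http_code" != "200" ]; then
    echo "error: $ENDPOINT returned HTTP $http_code" >&2
    rm -f "$out"   # OUT did not exist before, so drop the error body rather than leave it as fake audio
    return 1
  fi
}

# Usage: sh tts_guard.sh --text "Hello from the guard" --out ./hello.wav
if [ "${1:-}" = "--text" ] && [ "${3:-}" = "--out" ]; then
  speak "$2" "$4"
fi
```

The -K (--config) option makes curl read options from a file, so the Authorization header is never an argument visible in the process list or in `set -x` output; the temporary config is created by mktemp with owner-only permissions and deleted immediately after the request. Removing "$out" on a non-200 response matters because curl -o writes the error body to that path, which would otherwise be left behind looking like a generated audio file.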

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal