AnveVoice

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real AnveVoice integration, but it gives the agent broad access to sensitive voice, visitor, billing, and credential-management data that users should review carefully.

Install only if you trust AnveVoice and its remote MCP service with visitor voice data, transcripts, contact leads, analytics, recordings, and some account administration. Use the narrowest API-key scope available instead of Full Access, avoid credential and billing tools unless you need them, manually confirm delete or revoke actions, and make sure your site has consent, privacy-policy, and retention controls before embedding the widget.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Intent-Code Divergence

Medium
Confidence: 98%
Finding
The README presents the skill as "scanned and verified" based on a VirusTotal result for only SKILL.md, which does not validate the full skill, remote dependencies, runtime behavior, or hosted scripts. This can create misplaced trust and cause users to install or approve the skill without performing appropriate review, especially because the security claim is prominently framed as verification.

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The skill exposes credential-management operations (`list_mcp_credentials`, `revoke_mcp_credential`) that are broader than the advertised website voice-assistant functionality. In an agent environment, these tools expand the blast radius: a prompt-influenced or mistaken call could enumerate or revoke credentials, causing account disruption or enabling follow-on attacks against authentication assets.

Missing User Warnings

Medium
Confidence: 92%
Finding
The README advertises session recordings, visitor intelligence, analytics, and lead extraction without any adjacent disclosure about consent, notice, retention, or legal/privacy obligations. For a voice assistant handling potentially sensitive audio and user data, omission of these warnings increases the risk of unlawful or non-consensual collection and processing.

Missing User Warnings

Medium
Confidence: 96%
Finding
The integration instructions tell users to embed a third-party remote script and deploy a voice widget, but do not warn that visitor audio, transcripts, telemetry, and interaction data may be sent to AnveVoice or other back-end services. This lack of transparency is especially risky because microphone access and off-site data transfer can have significant privacy and compliance implications.

Missing User Warnings

Medium
Confidence: 86%
Finding
The documentation promotes collection and analysis of visitor conversations, leads, sentiment, and intelligence profiles without any visible privacy notice, consent guidance, retention limits, or user-impact warning. This creates a real privacy/compliance risk because deployers may enable surveillance-style processing of personal data without realizing notice, lawful basis, and minimization obligations apply.

Missing User Warnings

High
Confidence: 95%
Finding
The skill documents session audio recording and retrieval via signed URLs without warning that recording voices may require prior notice and consent under wiretapping, privacy, biometric, or sector-specific rules. Because voice recordings are highly sensitive and the feature includes easy access to stored audio, misuse could expose intimate conversations, regulated data, or evidence of noncompliant surveillance.

VirusTotal

57/57 vendors flagged this skill as clean.
