Back to skill
Skillv1.0.6
VirusTotal security
VoiceClaw · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:40 AM
- Hash
- 991d1e684f7baa193659ed030115fad5ba49481c561ec98bd809aef05dc2e184
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: voiceclaw Version: 1.0.6 The OpenClaw skill 'voiceclaw' is classified as benign. The code and documentation consistently emphasize and implement a 'local-only' approach for speech-to-text and text-to-speech, with no network calls made by the operational scripts (`speak.sh`, `transcribe.sh`). Key security features include robust input sanitization for voice names in `speak.sh` to prevent path traversal, piping text to stdin for Piper TTS to avoid shell injection, and proper temporary file cleanup using `trap cleanup EXIT` in `transcribe.sh`. The `SKILL.md` instructions for the agent are clear and align with the stated purpose, showing no signs of prompt injection attempts. The `SECURITY.md` accurately describes the implemented protections, confirming the absence of data exfiltration, malicious execution, or persistence mechanisms.
- External report
- View on VirusTotal