Pine Voice

Security checks across malware telemetry and agentic risk

Overview

Pine Voice appears functional and transparent overall, but it can send sensitive account or payment details to a remote voice service and place real calls without a clear final approval checkpoint.

Before installing, be comfortable with Pine AI processing call details and transcripts. For every call, confirm the phone number, purpose, exact information to disclose, spending or account-change limits, maximum duration, and whether a background agent may keep polling. Avoid providing passwords, MFA codes, full card numbers, or highly sensitive identifiers unless absolutely necessary, and delete ~/.pine-voice/credentials.json if you no longer want the skill authenticated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill explicitly instructs the agent to collect 'every piece of information the callee might need,' including authentication details, payment info, and verification info, then transmit that data to Pine AI's voice service and onward over a phone call, but it does not require an explicit warning or fresh user confirmation before gathering highly sensitive data. In this context, the missing consent and sensitivity warning materially increase the risk of oversharing credentials, financial data, or identity-verification information to a third party and to the called business.

Missing User Warnings

Medium
Confidence: 85%
Finding
This script sends user-supplied call metadata along with authentication-linked identifiers to a remote service, but it provides no explicit notice, confirmation, or minimization around what data is being disclosed. In a voice-calling skill, those fields can contain sensitive personal, financial, or account details, so silent transmission increases privacy and compliance risk even if the network behavior is functionally expected.

VirusTotal

63/63 vendors flagged this skill as clean.
