v1.1.8

Speech to Text (Yandex SpeechKit)

Benign
ClawScan verdict for this skill. Analyzed May 1, 2026, 6:00 AM.

Analysis

This appears to be a legitimate speech-to-text skill, but it uses your Yandex credentials and sends audio to Yandex for transcription.

Guidance: Before installing, be sure you are comfortable sending selected voice/audio files to Yandex SpeechKit. Use a least-privilege Yandex API key, store credentials in OpenClaw configuration, keep FFmpeg and Python dependencies current, and run setup/check scripts only from the installed skill directory.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: Low; Confidence: High; Status: Note
scripts/audio_processor.py
cmd = ['ffmpeg', '-i', input_file, ... '-y', output_file] ... subprocess.run(cmd, capture_output=True, text=True, timeout=300)

The skill runs FFmpeg as a local subprocess to inspect or convert audio. This is expected for speech-to-text processing and uses argument arrays rather than shell-string execution.

User impact: Installing and using the skill relies on local FFmpeg execution against audio files provided for transcription.
Recommendation: Keep FFmpeg updated and only transcribe files from sources you trust or are willing to process locally.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
requirements.txt
python-dotenv>=1.0.0
requests>=2.31.0
urllib3>=1.26.0

The Python dependencies are specified with lower-bound ranges rather than exact pinned versions. That is common, but future installs can resolve different package versions.

User impact: A later setup run could install newer dependency versions than the author originally tested.
Recommendation: Review dependencies before setup, and consider pinning versions or using a lockfile in controlled environments.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low; Confidence: High; Status: Note
check.sh
OC_CONFIG="${HOME}/.openclaw/openclaw.json" ... -H "Authorization: Api-Key ${CHECK_API_KEY}"

The diagnostic script can read this skill's configured Yandex API key and use it to validate access against Yandex. It does not show the key in output, and this credential use is expected for SpeechKit.

User impact: The skill needs a real Yandex API key and folder ID, which may allow API usage and billing within the configured Yandex project.
Recommendation: Use a least-privilege Yandex service-account key, preferably limited to SpeechKit use, and store it through OpenClaw configuration rather than pasting it into chat.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium; Confidence: High; Status: Note
scripts/providers/yandex_speechkit.py
API_URL = "https://stt.api.cloud.yandex.net/speech/v1/stt:recognize" ... response = self.session.post(... data=audio_data, timeout=self.timeout)

The provider sends the audio bytes to Yandex SpeechKit. This is disclosed and central to the skill, but it is still an external provider data flow involving potentially sensitive voice content.

User impact: Voice messages or audio files you transcribe may be processed by Yandex Cloud under your Yandex account.
Recommendation: Use the skill only for audio you are comfortable sending to Yandex, and review Yandex SpeechKit privacy, billing, and retention terms.