ClawHub

Phone Voice Integration

Security checks across malware telemetry and agentic risk

Overview

This phone assistant skill is purpose-aligned but needs review because it exposes calls, local memory, transcripts, and outbound dialing with limited documented scoping.

Install only if you are comfortable running a public phone bridge that can send local memory, profile data, call content, and transcripts through Twilio, ElevenLabs, and Anthropic. Use strong unique tokens, restrict callers, limit what MEMORY.md and USER.md contain, define retention/deletion rules for transcripts and logs, and disable outbound calling unless you need it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states that MEMORY.md, USER.md, and recent call transcripts are injected into prompts before each call, but it does not present an explicit consent notice, minimization policy, or caller-facing warning. In a phone context, this can expose sensitive personal data to callers, to third-party processors, and across calls, especially if authentication or caller-ID checks are bypassed or weak.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documents transcript and cost logging tied to caller numbers and call metadata without a clear warning that conversations and identifiers will be stored. This creates privacy and compliance risk because phone conversations may contain highly sensitive information, and persistent logs increase the blast radius of compromise or misuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal