Kid Point Voice Component

Security checks across malware telemetry and agentic risk

Overview

This voice skill matches its stated purpose, but users should understand that speech text or audio is sent to cloud providers and that it may reuse a configured SenseAudio API key.

Install only if you are comfortable sending TTS text and ASR audio to SenseAudio or Microsoft Edge TTS services, and with the skill using your configured SENSE_API_KEY. Avoid sensitive recordings, secrets, regulated data, or confidential workplace content unless those provider data-handling terms are acceptable to you.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The script retrieves SENSE_API_KEY not only from the environment but also from unrelated OpenClaw JSON files, including a path tied to a different agent. This broadens the trust boundary and can cause unintended credential use, cross-skill secret exposure, or silent use of secrets the user did not intend this script to access.

Context-Inappropriate Capability

Medium
Confidence
86% confidence
Finding
The script reads API credentials from user home-directory OpenClaw config files unrelated to this script's direct CLI inputs. That broadens secret access beyond clear necessity and can surprise users, especially in an agent-skill context where capability boundaries should be explicit and minimal.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README documents use of remote TTS providers and API key setup, but it does not clearly disclose that user-supplied text and possibly generated audio/transcription data are sent to third-party services. In a voice skill, users may input sensitive content, so the lack of an explicit data-flow/privacy warning can lead to unintentional disclosure to external providers.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The documented default behavior automatically routes content based on detected language, including sending Chinese text to a China-specific provider without explicit user consent. This is risky because users may not realize that language detection determines where their content is transmitted, creating privacy, compliance, and jurisdictional exposure for sensitive text.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill clearly uses third-party online TTS/ASR providers, but the warnings focus on connectivity and API requirements rather than explicitly informing users that submitted text and audio content will be transmitted off-device. Because this skill handles speech content, that omission is more dangerous in context: users may send sensitive personal, family, or workplace audio/text without informed consent.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The script uploads user-provided audio to an external cloud ASR service but does not present a clear runtime warning or consent prompt about the privacy implications. Audio may contain sensitive speech, personal data, or confidential conversations, so silent transmission can lead to unintended disclosure even if the service is legitimate.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill silently obtains an API key and sends user-supplied text to a remote TTS provider without a meaningful privacy warning or consent checkpoint. In a voice skill, text may contain sensitive content, so undisclosed third-party transmission creates a real privacy risk even if functionally expected.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"test": "echo \"Error: no test specified\" && exit 1"
  },
  "dependencies": {
    "requests": "^2.31.0",
    "edge-tts": "^6.1.0"
  },
  "engines": {
Confidence
90% confidence
Finding
"requests": "^2.31.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
},
  "dependencies": {
    "requests": "^2.31.0",
    "edge-tts": "^6.1.0"
  },
  "engines": {
    "node": ">=18.0.0",
Confidence
90% confidence
Finding
"edge-tts": "^6.1.0"

VirusTotal

66/66 vendors flagged this skill as clean.