ClawHub

Voice Log

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed voice-journaling tool that records only after a start command, sends audio to Soniox for transcription, and stores a rolling local transcript.

Install only if you intentionally want background voice journaling. Use a revocable Soniox API key, start recording deliberately, stop it when finished, check status if unsure, and avoid recording sensitive or non-consenting conversations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill performs background microphone capture and streams audio to a third-party STT provider, but the user-facing instructions do not present a clear privacy warning or explicit consent language at the point of use. This is dangerous because users may enable passive recording without understanding that nearby speech is captured and transmitted off-device, creating substantial privacy and compliance risk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The manifest explicitly states that the skill requires a sensitive credential (SONIOX_API_KEY) but does not provide any user-facing warning about how that secret is handled, stored, or protected. This can lead users to paste or configure an API key without understanding exposure risks, especially in an agent ecosystem where prompts and logs may be visible to other components or operators.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The manifest explicitly requires a third-party Soniox API key and describes cloud speech-to-text functionality, but it does not present any user-facing privacy warning about continuous audio capture or transmission of conversation data to an external service. In the context of a background voice journaling skill, this omission is meaningful because users may not realize that passive speech logging can send sensitive spoken content off-device to a vendor API.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This daemon starts continuous microphone capture, streams audio to a third-party transcription service, and persists transcripts to a local journal file, but the daemon code itself contains no enforcement of user consent, visible recording indicator, or runtime warning. In a background journaling skill, that creates substantial privacy risk because sensitive nearby speech may be collected continuously and retained locally even after the user forgets recording is active.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The manifest advertises background speech-to-text and rolling conversation logs, but it does not clearly disclose in the skill metadata that captured audio and transcripts may be transmitted to Soniox, a third-party service. In a passive or background journaling context, missing disclosure undermines informed user consent and can lead to unintended exposure of sensitive spoken data, making the privacy risk materially higher.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"last-journal": "node scripts/voice_journal_ctl.js last"
  },
  "dependencies": {
    "@soniox/node": "^1.1.1"
  }
}
Confidence
84% confidence
Finding
"@soniox/node": "^1.1.1"

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal