v0.1.5

Voice Log

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:59 AM.

Analysis

This skill appears purpose-built for voice journaling, but it starts a background microphone recorder that sends audio to Soniox and stores transcripts, so it deserves careful review before installation.

Guidance: Install only if you are comfortable with live microphone audio being transcribed by Soniox. Use a dedicated Soniox API key, start the journal only intentionally, confirm status while it is running, stop it when done, and protect or delete the local .data transcript files as needed.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
Severity: Medium | Confidence: High | Status: Note
scripts/voice_journal_ctl.js
    detached: true,
    stdio: ["ignore", outFd, errFd],
    env: daemonEnv,
  });
  child.unref();

Starting the journal launches a detached background process that continues independently of the initial command.

User impact: The microphone journal can keep running after the agent replies until the user explicitly stops it.
Recommendation: Use the status and end commands to confirm recording state, and consider adding a visible indicator or automatic timeout if deploying this broadly.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
scripts/voice_journal_daemon.js
const { spawn, spawnSync } = require("child_process"); ... const result = spawnSync("which", [cmd], {

The daemon invokes local binaries to locate and run microphone capture tools. This is expected for the purpose, but it relies on local PATH-resolved programs.

User impact: The skill runs local audio-capture commands, so an untrusted or tampered PATH could affect what program is executed.
Recommendation: Install trusted audio tools and run the skill in an environment with a clean, predictable PATH.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
metadata
Source: unknown; Homepage: none

The registry metadata provides limited provenance for a skill that installs/runs Node code and accesses the microphone.

User impact: Users have less publisher/source context to judge whether they trust this sensitive skill.
Recommendation: Review the publisher, code, and npm dependency chain before installing, especially because the skill handles live audio and an API key.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
metadata
Requires SONIOX_API_KEY ... Required env vars: none ... Primary credential: none

The skill requires a Soniox API key, but the registry requirement summary under-declares the credential. The key use is expected for Soniox STT, but it is still an account permission boundary.

User impact: The skill can use the user’s Soniox account/API quota while the journal is running.
Recommendation: Use a dedicated, revocable Soniox key, monitor usage, and rotate the key if the skill or host environment is no longer trusted.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: High | Confidence: High | Status: Note
SKILL.md
Captures microphone audio locally and streams audio to Soniox realtime STT only while journal is running.

The skill discloses a third-party provider data flow for live microphone audio. This is purpose-aligned, but live speech is highly sensitive.

User impact: Private conversations near the microphone may be sent to Soniox for transcription while the journal is running.
Recommendation: Use only when all relevant participants consent, review Soniox’s privacy terms, and stop the journal when finished.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Keeps a text-only log file, with live conversation logs bucketed by minute. Keeps only the latest 60 minutes

The skill persists transcribed conversation text and later returns it to the agent for summaries. This is disclosed and bounded, but it creates sensitive local context.

User impact: Recent spoken content can be read back or summarized, and spoken transcript text may include sensitive information or instructions that should be treated as data.
Recommendation: Avoid using it for highly sensitive conversations, protect the .data directory, and treat transcript contents as untrusted text when summarizing.