Telegram Voice To Voice Macos
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: telegram-voice-to-voice-macos Version: 0.1.3 The skill bundle is classified as benign. All scripts (`transcribe_telegram_ogg.sh`, `tts_telegram_voice.sh`) and instructions (`SKILL.md`) are directly aligned with the stated purpose of providing a Telegram voice-to-voice workflow on macOS. File system operations are confined to expected OpenClaw media and workspace directories (`~/.openclaw/media/inbound`, `~/.openclaw/workspace/voice_out`). The use of external commands (`yap`, `ffmpeg`, `say`, `defaults`) is necessary for the skill's functionality, and arguments are generally quoted, mitigating direct shell injection risks from the script's side. There is no evidence of intentional data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent's purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can send generated voice replies in Telegram on the user's behalf when this workflow is used.
The skill instructs the agent to send generated audio back through Telegram. This is expected for the stated purpose, but it is an external message-sending action.
use the `message` tool with `asVoice: true` and `media: <path.ogg>`
Use this skill only where Telegram auto-replies are intended, and review generated replies or switch to text mode if voice replies are not desired.
In a busy Telegram inbox, the fallback could transcribe the wrong recently saved voice note.
If no explicit attachment path is passed, the helper selects the newest inbound OGG file without binding it to the current Telegram sender or message.
OGG_PATH="$(ls -t "${HOME}/.openclaw/media/inbound"/*.ogg 2>/dev/null | head -n 1 || true)"Prefer passing the explicit attachment path from the message context; consider changing the helper to require a path or validate the sender/message before transcription.
The workspace may retain Telegram sender IDs and their voice/text preference until the state file is deleted.
The skill stores persistent per-user reply-mode state using Telegram sender IDs. This is disclosed and purpose-aligned, but it is persistent local state.
State file: `voice_state/telegram.json`; Key: Telegram sender user id
Keep the workspace private and delete `voice_state/telegram.json` if you want to reset or remove stored reply preferences.
A compromised or untrusted local `yap` or `ffmpeg` binary would affect the safety of this workflow.
The skill relies on locally installed third-party binaries rather than installing them itself. No hidden installer is shown, but binary provenance matters.
`yap` CLI available in `PATH` ... Project: https://github.com/finnvoor/yap ... `ffmpeg` available in `PATH`
Install required binaries from trusted sources and keep them updated.