openclaw-voice

Security checks across malware telemetry and agentic risk

Overview

This is a local voice transcript and profile CLI with disclosed persistence; users should mainly watch what they publish into shared interchange files.

Install only if you are comfortable with a local SQLite database and npm dependency install. Treat transcripts, summaries, voice profile descriptions, backups, and interchange Markdown as persistent local records; do not store secrets there, and review generated interchange files before relying on them as context for other agents.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Low

Confidence: 94% confidence
Finding: This is a real issue: the test claims to verify that sensitive data is excluded from generated interchange files, but the assertion is ineffective because it compares a string to a RegExp object rather than checking for a match. As a result, the test will pass even if the voice ID or other sensitive content is present, weakening the safety net against accidental data disclosure in generated artifacts.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal