Back to skill

Security audit

MLX STT

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward local speech-to-text helper for Apple Silicon Macs, with ordinary dependency-installation and trigger-scope caveats.

Install only if you are comfortable letting Homebrew and uv add or update local audio and ML tooling. Prefer invoking it explicitly with /mlx-stt <audio>, and remember that audio transcripts will be printed into the agent session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrases include very broad natural-language patterns such as "STT ...", "ASR ...", "Transcribe ...", and "Convert audio to text ...", which can match ordinary user requests and cause the skill to auto-activate unexpectedly. Because the skill installs dependencies and processes local files, unintended activation increases the chance of surprising execution, unnecessary package installation, or accidental handling of sensitive audio content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.