Voice Recognition

Security checks across malware telemetry and agentic risk

Overview

This is a local Whisper transcription helper with ordinary privacy caveats around saved transcript files.

Install Whisper only from a trusted source. Use this skill on audio you are comfortable storing locally, because transcripts are written as .txt files beside the source audio and Whisper models may be cached under your user account. Add the ~/.zshrc alias only if you trust the script path and want that persistent shortcut.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill instructs users to run local Python and shell commands and references direct file access, but it does not declare corresponding permissions or clearly communicate those capabilities. This can mislead users and any permission-gating system, reducing transparency around local file access and command execution.

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill writes transcript files next to the source audio automatically via the Whisper CLI without clear disclosure or control. In environments processing sensitive recordings, this can unintentionally persist plaintext transcripts in shared or monitored directories, increasing confidentiality and data-retention risk.

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The automatic transcription helper has the same undisclosed side effect of creating transcript files in the input directory. Because it is a helper function, callers may assume it returns in-memory results only, making accidental data exposure more likely in sensitive workflows.

Session Persistence

Medium

Category: Rogue Agent
Content: python3 /Users/liyi/.openclaw/workspace/scripts/voice识别_升级版.py audio.m4a --summarize ``` ### Quick Command (add to ~/.zshrc) ```bash alias voice="python3 /Users/liyi/.openclaw/workspace/scripts/voice识别_升级版.py"
Confidence: 87% confidence
Finding: add to ~/.zshrc

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal