Parakeet Local Asr

Security checks across malware telemetry and agentic risk

Overview

This local ASR skill is mostly coherent, but installation runs unpinned external repository code, so users should review it before running bootstrap.

Install only if you are comfortable trusting or reviewing the upstream Parakeet ASR repository. Before running bootstrap.sh, inspect the cloned setup.sh, consider pinning a known commit or release, and confirm any package-manager or elevated commands. Keep PARAKEET_URL pointed at localhost unless you intentionally want to upload the test audio elsewhere.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill instructs the agent to execute multiple shell scripts (`bootstrap.sh`, `start.sh`, `healthcheck.sh`, `smoke-test.sh`) but does not declare any permissions for shell/code execution. This creates a transparency and policy-enforcement gap: an agent or platform may run privileged local commands without users having explicit visibility or approval boundaries, increasing the risk of unintended system changes or abuse if the referenced scripts are modified or malicious.

Missing User Warnings

Medium
Confidence: 96%
Finding: The script clones or updates code from a remote Git repository and immediately executes the repository's setup.sh without pinning to a trusted commit, verifying integrity, or requiring user confirmation. If the repository is compromised, the URL is overridden via environment variable, or the local checkout is tampered with, this becomes arbitrary code execution during bootstrap.

VirusTotal

66/66 vendors flagged this skill as clean.