persona-voice

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it creates persona-style voice replies for Feishu/Lark using SenseAudio and Feishu APIs, with no evidence of hidden or destructive behavior.

Install only if you are comfortable giving it Feishu bot credentials and a SenseAudio API key, and if chat users are informed that their text, generated replies, and voice recordings may be processed by external providers. Use least-privilege Feishu bot permissions, keep .env files out of source control, and avoid using it for sensitive conversations unless the providers' data-handling terms are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill sends user audio and derived text to third-party providers for ASR/TTS and messaging, but the description does not clearly warn that potentially sensitive voice content and transcripts leave the local environment. In a chatbot/companion setting, users may share personal or confidential information, so missing disclosure and consent language materially increases privacy risk.

Missing User Warnings

Medium
Confidence: 92%
Finding
The document explicitly instructs operators to send user text and voice data to external services (Claw/ChatGPT and SenseAudio ASR/TTS) but provides no privacy notice, consent flow, data handling guidance, or retention/security expectations. In a chat and voice bot context, users may reasonably expect their content is processed by the platform bot itself, so undisclosed third-party transmission can expose sensitive personal or organizational information.

Missing User Warnings

Medium
Confidence: 95%
Finding
The code uploads the provided audio file to a third-party ASR service over the network, which can expose potentially sensitive voice content and embedded personal information to an external processor. In this skill’s context, audio comes from chat or bot interactions, so users may reasonably assume local handling unless disclosure and consent are made explicit.

Missing User Warnings

Medium
Confidence: 89%
Finding
The code uploads the full audio file to a third-party ASR endpoint, which can expose potentially sensitive voice content and metadata to an external service. In this skill’s Feishu/Lark bot context, users may assume they are interacting only with the bot platform and may not realize their recordings are being sent to SenseAudio, creating a privacy and consent risk.

VirusTotal

66/66 vendors flagged this skill as clean.
