Back to skill
Skillv1.0.0
VirusTotal security
Free Groq Voice Recognition · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:59 AM
- Hash
- 8ea7abc3ab51ac8a8bccd81bc6f96aa21343080be9758e4d881efe7a23e21eb7
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: free-groq-voice Version: 1.0.0 The skill is classified as suspicious due to its core functionality being implemented in a bash script (`transcribe.sh`), which inherently carries a higher risk of command injection vulnerabilities compared to more sandboxed execution environments. While the script's `curl` command appears to quote variables reasonably well and includes a file existence check, the use of shell execution for processing user-provided file paths (`AUDIO_FILE`) and language hints (`LANGUAGE`) introduces a potential attack surface for sophisticated prompt injection against the AI agent, which could lead to shell injection if not perfectly handled. Additionally, the script performs outbound network requests and reads local files, which are necessary for its function but represent risky capabilities without clear malicious intent from the skill author.
- External report
- View on VirusTotal