Sarvam AI

Pass

Audited by ClawScan on May 1, 2026.

Overview

This skill appears to do what it says: call Sarvam AI for speech, translation, and chat, using a Sarvam API key and sending the requested text or audio to Sarvam.

This looks safe to use if you trust Sarvam AI with the text and audio you submit. Before installing, confirm the local virtual environment is from a trusted source, set SARVAM_API_KEY securely, and avoid sending sensitive content unless the provider's data handling terms fit your needs.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill may consume Sarvam API quota or incur provider-side usage tied to the supplied key.

Why it was flagged

The script authenticates Sarvam API requests using the user's SARVAM_API_KEY. This is expected for the service, but it means the skill can use the user's Sarvam account/API quota when invoked.

Skill content

API_KEY = os.environ.get("SARVAM_API_KEY") ... "api-subscription-key": API_KEY ... "Authorization": f"Bearer {API_KEY}"

Recommendation

Use a revocable or scoped Sarvam key if available, keep it out of prompts and logs, and rotate it if it is exposed.

What this means

Text or audio submitted to the commands will leave the local environment and be processed by Sarvam AI.

Why it was flagged

The skill sends user-provided text, chat messages, translation content, and STT audio files to Sarvam's external API. This is central to the skill's purpose and the endpoint is disclosed in code.

Skill content

BASE_URL = "https://api.sarvam.ai" ... requests.post(url, json=payload, headers=headers) ... requests.post(url, headers=headers, files=files, data=data)

Recommendation

Avoid sending confidential, regulated, or sensitive audio/text unless Sarvam's privacy and retention terms are acceptable for your use case.

What this means

Installation may depend on a preexisting local environment whose exact dependency provenance is not described in the artifacts.

Why it was flagged

The skill relies on a local virtual environment Python binary but does not provide an install recipe or upstream homepage/source reference. This creates a minor provenance and reproducibility gap.

Skill content

Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; Required binaries (all must exist): skills/sarvam/.venv/Scripts/python.exe

Recommendation

Verify the local virtual environment yourself, or recreate it from trusted Python and the minimal required dependency before use.