Sarvam AI

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it sends user-chosen text or audio to Sarvam AI for speech, translation, and chat, without hidden persistence or unrelated data access.

Install only if you are comfortable using Sarvam AI with your API key and sending selected text, prompts, and audio files to Sarvam for processing. Avoid regulated, confidential, or secret material unless Sarvam's terms and your data-handling requirements allow it; consider recreating the local Python environment yourself if dependency provenance matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill clearly requires an API key and invokes an external AI service, which implies access to environment secrets and outbound network use, yet no explicit permissions are declared. This weakens transparency and governance: users and tooling may not realize the skill can read secrets and send data externally, increasing the chance of unintended secret exposure or unreviewed data egress.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill advertises TTS, STT, translation, and chat, but does not warn users that provided audio, text, and prompts are transmitted to Sarvam AI's external service. In this context, that omission is significant because users may submit sensitive recordings, personal data, or confidential chat content without informed consent about third-party processing.

Missing User Warnings

Medium
Confidence: 85%
Finding
The speech-to-text command uploads local audio content to a remote third-party API, but the CLI provides no explicit user-facing warning or consent checkpoint at the point of use. This can cause unintentional disclosure of sensitive voice recordings, background speech, or regulated data, especially in agent or automation contexts where users may assume processing is local.

Missing User Warnings

Medium
Confidence: 84%
Finding
The chat command sends user messages and optional system prompts to a remote API without clearly disclosing that the content leaves the local environment. In agent settings, prompts may contain secrets, internal instructions, or proprietary text, so silent transmission increases privacy and data-governance risk.

VirusTotal

64/64 vendors flagged this skill as clean.