Speech is Cheap Transcribe
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: asr
Version: 1.2.0
The skill bundle provides an automatic speech-to-text transcription service. The `SKILL.md` and `README.md` files contain clear, functional instructions for the OpenClaw agent to use the `asr.sh` script, without any evidence of prompt injection attempts to subvert the agent's behavior or exfiltrate data. The `asr.sh` script correctly handles the `SIC_API_KEY` environment variable and interacts with the `speechischeap.com` API for transcription, including local file uploads and webhook callbacks. While the script can upload local files and accept arbitrary webhook URLs, these are core functionalities of an ASR service and are not used with malicious intent within the provided code or instructions. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution patterns, or obfuscation.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted or poorly handled command argument could cause transcription jobs to fail or use unexpected request parameters.
The script manually interpolates agent/user-supplied strings into a JSON request instead of using a JSON encoder. This is purpose-aligned, but special characters in arguments could malform or alter the provider API request.
--url) URL="$2"; shift ;; ... JSON_DATA=$(cat <<EOF ... "input_url": "$URL", ... "webhook_url": "$WEBHOOK", ... EOF
Use trusted command arguments, avoid letting untrusted page/session text choose webhook or advanced options unattended, and prefer a future version that builds JSON with a proper encoder such as jq or Python.
Anyone with access to the environment variable could use the linked Speech is Cheap account and potentially consume paid transcription credits.
The skill requires a Speech is Cheap API key and sends it as a bearer token to the service. This is expected for the stated provider integration, with no hardcoded key or logging shown.
if [ -z "$SIC_API_KEY" ]; then ... -H "Authorization: Bearer $SIC_API_KEY"
Store SIC_API_KEY as a secret, use a revocable or least-privilege key if the provider supports it, and monitor account usage.
Audio files, URLs, transcripts, and callback payloads may be sent outside the local machine to the provider or to a configured webhook endpoint.
Local files can be uploaded to the provider, and an optional webhook can receive job completion data. Private mode is supported but defaults to false unless the user supplies --private.
UPLOAD_BASE="https://upload.speechischeap.com/v2" ... -F "input_file=@$FILE" ... -F "webhook_url=$WEBHOOK" ... PRIVATE=false
Only transcribe media you are allowed to share with the provider, use --private for sensitive jobs, and set webhooks only to endpoints you control and trust.
