ClawHub

Audio Processing (Iyeque)

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it advertises: user-directed audio transcription, analysis, transformation, and text-to-speech, with no evidence of hidden persistence, credential access, or unrelated data collection.

Install in an isolated Python environment if possible. Treat the TTS feature as cloud-backed: do not use it for secrets, regulated data, or confidential internal text unless you are comfortable sending that text to Google TTS. Expect ffmpeg and Whisper dependencies to consume disk space, and note that the strict path checks may block files outside the current workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation exposes shell-capable installation and execution flows (`brew`, `pip`, `uv run`, `ffmpeg`, `python3`) but does not declare corresponding permissions. This creates a trust and review gap: an agent or user may invoke commands with system-level effects without explicit permission signaling, increasing the chance of unintended command execution or unsafe environment modification.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The TTS implementation uses gTTS, which sends the provided text to Google's remote service to generate audio. That creates an unannounced data egress path for potentially sensitive user content, and the skill description does not clearly disclose that external network transmission is required.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The TTS action uses gTTS, which relies on Google's service and may transmit user-provided text off-host, but the documentation does not warn users about that external disclosure. This is dangerous because users may submit sensitive text under the assumption that processing is local, leading to privacy, confidentiality, or compliance issues.

Missing User Warnings

High
Confidence
96% confidence
Finding
User-provided text is transmitted to an external TTS service without any warning, consent flow, or alternative local mode. If users submit secrets, internal data, or regulated content, this can lead to unintended disclosure to a third party and associated compliance/privacy issues.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal