Percept Listen
v1.0.0Captures ambient audio from wearable devices, transcribes locally, and streams searchable, speaker-tagged conversation data to your OpenClaw agent.
⭐ 0· 430·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description (ambient capture + local transcription) align with the SKILL.md instructions to run a 'percept' receiver and accept webhook transcripts. However, the doc contains a contradictory phrase: the flow says 'Omi pendant captures audio → phone does STT → sends transcript segments via webhook', which implies the phone performs speech-to-text (possibly cloud-based) rather than transcription occurring purely on the user's machine. The skill also instructs installing a PyPI package and running a web server/tunnel although the registry metadata lists no required binaries, env vars, or credentials — a mild mismatch between declared requirements and operational needs.
Instruction Scope
Runtime instructions tell the operator to pip-install getpercept, run a uvicorn server, and configure a public tunnel (ngrok/Cloudflare/Tailscale) so a mobile app can post transcripts to a local webhook. That design intentionally exposes conversation transcripts to the chosen tunneling provider and to any network path between device and tunnel endpoint. Instructions also prescribe where transcripts and DB files are stored on disk. The doc does not warn that the phone's STT may be cloud-based or that tunnel providers will see webhook traffic — this is material scope creep for a skill claiming 'all processing stays local.'
Install Mechanism
There is no formal install spec in the registry; the SKILL.md directs users to 'pip install getpercept' and to run 'percept start' or uvicorn. Installing unverified PyPI packages and running a web server on your machine is a standard but non-trivial action that can introduce arbitrary code. The SKILL.md points to a GitHub repo (github.com/GetPercept/percept), which is helpful, but the registry metadata lists the source as unknown and has no homepage — you should verify the package and repo before installing.
Credentials
The skill declares no required env vars or credentials, which is consistent with the registry metadata. In practice, using tunnels and webhooks will typically require accounts/credentials for ngrok/Tailscale/Cloudflare or some configuration in the Omi/phone app; those are not documented or requested explicitly. Also, the doc's claim that 'all processing stays local' conflicts with the stated phone-side STT step, which may use third-party cloud STT and therefore would involve external credentials and data egress not described here.
Persistence & Privilege
The skill does not request elevated platform privileges or 'always: true'. It is user-invocable and can run services (percept start) on the host, but that is normal for an instruction-only integration. Note: once installed and running, the local server will persist conversation data on disk and the agent (if granted access) could read that data — evaluate that data flow carefully.
What to consider before installing
This skill can collect and store ambient conversation data and asks you to install and run a third-party Python package and a local web server reachable via a public tunnel. Before installing: (1) Verify the 'getpercept' package and the GitHub repo (owner, recent commits, issues) to ensure you trust the code; (2) Confirm where STT actually happens — if the phone/cloud does speech-to-text, sensitive audio may be processed by third parties despite the 'local' claim; (3) Be aware that using ngrok/Cloudflare/Tailscale exposes webhook traffic to those providers — use authenticated tunnels and TLS, and limit access; (4) Review and secure the filesystem paths (percept/data/percept.db, /tmp/percept-live.txt) and set appropriate permissions/rotation; (5) Consider legal and privacy obligations for recording ambient conversations and obtain consent; (6) If you are not comfortable auditing a pip package or exposing transcripts via a tunnel, do not install. Additional helpful info to reduce uncertainty: a link to an official project homepage, signed releases or PyPI/project metadata, and explicit documentation stating whether STT runs on-device or in-cloud.Like a lobster shell, security has layers — review code before you run it.
latestvk9739m8e7gw34d4dttz9vxn3w581mxtv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.