IELTS Speaking Coach

Security checks across malware telemetry and agentic risk

Overview

This IELTS speaking coach is purpose-aligned and disclosed, with privacy-sensitive audio and optional progress tracking that users should understand before use.

Safe to install for IELTS practice if you are comfortable sending voice messages, transcripts, and scores to the configured LLM/ASR environment. Use text-only mode for more privacy, avoid sharing sensitive personal details in practice answers, and review the separate optional backend before enabling persistent learning-state tracking.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly processes user voice messages, converts them with ffmpeg, and transcribes them, but it does not state any user-facing notice about how audio is processed, whether it is sent to external services, or what data handling occurs. In a speaking-coach context this is not inherently malicious, but the lack of transparency creates a privacy and consent risk, especially because voice data is sensitive and may be transmitted over the network for ASR or scoring.

Missing User Warnings

Medium
Confidence: 91%
Finding
The manifest explicitly advertises audio pronunciation scoring via ffmpeg and ASR, which implies collection and processing of spoken audio, but it does not disclose this processing to users or set expectations around handling of voice data. Voice recordings can contain sensitive personal information, so the absence of a clear user-facing privacy notice and consent language creates a real transparency and privacy risk even if the feature is legitimate.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger list contains generic phrases such as "speaking," "mock exam," "study plan," and broad Chinese equivalents that can plausibly appear in unrelated conversations. This can cause unintended activation, leading the skill to take over context, alter responses, or process user content as IELTS-related when the user did not clearly intend that mode.

Vague Triggers

Medium
Confidence: 86%
Finding
The instruction to trigger on "any IELTS speaking request" is underspecified and lacks exclusion boundaries, making activation dependent on broad semantic interpretation. In practice this increases the chance of overreach, where normal tutoring or language-related requests are captured by the skill and its mode persists longer than the user expects.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill states that if a backend API is available, it should use it for scoring persistence and learning-path generation, while the manifest also requests network permission and includes a user identifier. That creates a real privacy and data-handling risk because learner transcripts, scores, and possibly audio-derived data may be transmitted or stored without explicit notice, consent, or data-minimization controls.

VirusTotal

64/64 vendors flagged this skill as clean.
