Shellphone Gateway

Security checks across malware telemetry and agentic risk

Overview

The skill looks like a legitimate setup guide, but its privacy claims conflict with use of a third-party speech service without explaining what data may leave the user’s system.

Review before installing. Verify the GitHub repository, PyPI package, Docker Compose file, and TestFlight publisher, and treat the self-hosted privacy claim as incomplete unless the developer clarifies whether ScrappyLabs is optional, what audio/text it receives, and how to disable those features.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill advertises "Free TTS/ASR" via ScrappyLabs but does not clearly warn users that audio data may be sent to a third-party service. This can mislead users into believing the system is fully self-hosted and privacy-preserving, increasing the risk of unintended disclosure of voice/audio content and related metadata.

VirusTotal

65/65 vendors flagged this skill as clean.
