VoScript API

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent VoScript API helper for a self-hosted transcription service, with expected handling of audio, API keys, and voiceprints.

Install only if you trust the VoScript server you configure. Treat uploaded audio and enrolled voiceprints as sensitive data, prefer environment variables or headers for the API key, avoid putting keys in URLs or shell history, and confirm voiceprint IDs carefully before delete operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill instructs users to upload audio and manage voiceprints, which can include sensitive personal data and biometric identifiers, but provides no warning about consent, lawful basis, retention, or data handling. In practice this can lead an agent or user to transmit highly sensitive content to a service without appropriate authorization or privacy review.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill documents deletion of voiceprints without warning that the action is destructive and may be irreversible, which can cause accidental loss of biometric profiles and degrade future identification workflows. For agent-driven execution, lack of a confirmation requirement materially increases the chance of unintended destructive actions.

Missing User Warnings

Medium
Confidence: 91%
Finding
The documentation explicitly states that API keys may be sent via query parameters, which is risky because URLs are commonly logged by servers, proxies, browser history, shell history, and monitoring systems. In a skill intended to automate API access across many agent environments, this guidance increases the chance that credentials will be exposed outside the intended trust boundary.

VirusTotal

67/67 vendors flagged this skill as clean.
