Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

hotbutter voice chat

v1.0.6

Enables local voice chat by embedding Hotbutter relay server and PWA, providing speech-to-text and text-to-speech via a secure, self-hosted connection.

by Michael Stajer @michael-stajer
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description claim a hosted relay voice bridge. The package only requires the local 'openclaw' CLI and includes code that opens a WebSocket to a relay and invokes 'openclaw agent' — these are exactly what the feature needs.
Instruction Scope
SKILL.md and the JS code consistently state that transcribed speech and agent stdout are sent via the relay. The runtime does not read unrelated files or environment variables; it only stores a small config at ~/.hotbutter and prompts for an optional email. The agent invocation uses execFile (no shell) and captures stdout as the message to relay.
Install Mechanism
There is no formal install spec in the registry (lowest-risk), but index.html contains an example curl | tar command that would download code from hotbutter.ai. That external download is outside the registry install metadata — if users follow it they should verify the remote host. The packaged code itself has no obfuscated downloads.
Credentials
The skill requests no environment variables or external credentials and only writes a local config (~/.hotbutter). That matches its functionality. No unrelated credentials or config paths are requested.
Persistence & Privilege
always:false and user-invocable:true. The skill only stores an optional email locally and does not alter other skills or system-wide agent settings.
Assessment
This skill intentionally routes transcribed speech and the agent's stdout through the hosted relay at wss://hotbutter.ai; that behavior is explicit in SKILL.md and the code. Only install/run it if you are comfortable that agent output may pass through that server. If you need privacy, use the documented --relay-url option to point to a relay you control or use the fully-local hotbutter-os project. Be cautious about following the index.html curl | tar example — that would download code from hotbutter.ai; verify the source before running. Finally, audit what your local 'openclaw' agent prints (it may include secrets), and avoid running agents that output sensitive data while this bridge is active.

Like a lobster shell, security has layers — review code before you run it.
