Back to skill

Security audit

STT Recognizer | STT 识别器

Security checks across malware telemetry and agentic risk

Overview

This speech-to-text skill appears purpose-built for recording and transcription, but it needs review because it can capture, save, and sometimes upload microphone audio without clear consent and privacy controls.

Install only if you are comfortable with a skill that can access your microphone, write recordings and transcripts to disk, and send audio to a remote API when configured for API mode. Prefer local-only mode for sensitive speech, verify where files are saved, delete recordings you do not need, and avoid using broad automatic triggers in shared or private environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documentation instructs use of environment variables, shell commands, and file-writing behavior, but the skill does not declare corresponding permissions. This creates a transparency and consent gap: users or hosting platforms may not realize the skill can access secrets, write persistent files, and invoke shell operations.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases include broad, common terms such as '录音', 'STT', '语音识别', and '转写', which increases the chance of accidental invocation during ordinary conversation or unrelated tasks. Because this skill can activate microphone recording and potentially send audio to a cloud API, unintended activation has direct privacy implications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill prominently describes microphone capture and optional cloud transcription but does not clearly warn that sensitive spoken content may be recorded, stored on disk, and transmitted to third-party services in API mode. For an audio-capture tool, missing privacy disclosure materially increases the risk of collecting or exporting confidential information without informed user consent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script records microphone audio to a WAV file and saves the transcription to disk by default, but it does not clearly warn the user that both raw audio and derived text will be persisted under a workspace path. Because microphone input can contain sensitive conversations, credentials, or personal data, silent persistence increases privacy and data-exposure risk, especially on shared systems or when the workspace is synced, backed up, or broadly readable.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The script can start microphone capture immediately based on CLI arguments and only prints generic status messages, with no explicit consent confirmation or privacy warning at record time. In an agent-skill context, this increases the risk of collecting sensitive nearby speech without sufficiently clear user acknowledgement, especially if another component invokes the script non-interactively.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
When the API engine is used, the script uploads the audio file to a configured external endpoint without any explicit runtime warning or confirmation that sensitive audio will leave the local machine. In an STT skill, users may reasonably expect local processing, so silent cloud transmission can expose confidential speech, personal data, or regulated content to third-party services.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.