Environment variable access combined with network send.
- Code
- suspicious.env_credential_access
- Location
- app/api/session/route.ts:10
- Evidence
const REALTIME_MODEL = process.env.OPENAI_REALTIME_MODEL ?? "gpt-realtime";
Security audit
Security checks across malware telemetry and agentic risk
This is a coherent local voice-agent app, but it exposes powerful OpenAI and OpenClaw actions through web endpoints that are not clearly authenticated beyond the private network boundary.
Install only if you will keep this app reachable only by trusted devices and users. Keep the default localhost binding, use Tailscale rather than a public tunnel, set a strong CALL_MY_AGENT_CALL_TOKEN before remote use, and understand that anyone who can reach the app may be able to start voice sessions using your OpenAI access, invoke your OpenClaw agent, schedule reminders, or read/write this app's local capture state.
59/59 vendors flagged this plugin as clean.
Detected: suspicious.env_credential_access, suspicious.exposed_secret_literal
const REALTIME_MODEL = process.env.OPENAI_REALTIME_MODEL ?? "gpt-realtime";
await session.connect({ apiKey: [REDACTED] });