Back to plugin

Security audit

Call My Agent

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local voice-agent app, but it exposes powerful OpenAI and OpenClaw actions through web endpoints that are not clearly authenticated beyond the private network boundary.

Install only if you will keep this app reachable only by trusted devices and users. Keep the default localhost binding, use Tailscale rather than a public tunnel, set a strong CALL_MY_AGENT_CALL_TOKEN before remote use, and understand that anyone who can reach the app may be able to start voice sessions using your OpenAI access, invoke your OpenClaw agent, schedule reminders, or read/write this app's local capture state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

59/59 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access, suspicious.exposed_secret_literal

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
app/api/session/route.ts:10
Evidence
const REALTIME_MODEL = process.env.OPENAI_REALTIME_MODEL ?? "gpt-realtime";

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
app/page.tsx:324
Evidence
await session.connect({ apiKey: [REDACTED] });