Back to skill

Security audit

ClawVoice

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local voice-to-WebSocket bridge for OpenClaw, with some privacy and session-control cautions but no evidence of hidden, destructive, or exfiltrating behavior.

Use this only with a trusted local voice server or trusted WebSocket endpoint, avoid sending highly sensitive speech through bridge mode, run agent sessions with `--timeout` when possible, and stop the bridge when the voice session is over.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to use a live WebSocket voice session and to communicate through a bundled client, but it does not warn that user speech is transmitted over that socket and may be exposed to a local service. This creates a transparency and privacy problem because users and operators may not realize that spoken content leaves the immediate interaction boundary and is processed by another component.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The agent-bridge mode continuously forwards all user messages to another agent process and returns captured stdout back to the user, yet the skill provides no explicit warning about this behavior. This is dangerous because sensitive spoken content may be relayed to an additional processing boundary and arbitrary stdout from the downstream agent may be surfaced to the user, increasing privacy leakage and unintended data exposure risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.