Back to skill
Skillv1.0.4
VirusTotal security
Meeting Assistant · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 2:26 PM
- Hash
- 667f5a5ec7fb36046cd6f4d9f0d39801cf6669bc8e334a964f6d1d49b6daa1fe
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: nowhitestar-meeting-assistant Version: 1.0.4 The bundle implements a sophisticated macOS meeting assistant that records system audio and microphone input using ScreenCaptureKit and AVFoundation. It exhibits several high-risk behaviors, including requesting sensitive TCC permissions (Screen Recording, Microphone, and Accessibility), installing multiple LaunchAgents for background persistence, and utilizing 'cloudflared' to create a reverse tunnel for receiving Google Calendar webhooks. While these capabilities are aligned with the stated purpose of meeting detection and recording, the combination of background audio/screen capture, accessibility-based window scraping, and remote network exposure via a tunnel represents a significant security risk and a broad attack surface. Specific files involved include 'scripts/audio_daemon.swift' for recording, 'scripts/run_calendar_services.py' for the tunnel, and 'scripts/setup.sh' for persistence configuration.
- External report
- View on VirusTotal