ClawHub

多语种音频翻译助手

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a real audio translator, but it needs review because it can install unpinned packages during use and sends speech-derived text to third-party services.

Review the scripts before installing, prefer running them in a virtual environment, and avoid sensitive audio unless you accept sending its text to MyMemory and edge-tts. Pin dependencies and fix the dynamic python -c handling before trusting it for untrusted audio or URLs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill declares tools with clear file, shell, and network capabilities but does not declare corresponding permissions, which weakens transparency and policy enforcement. This can lead users or the host platform to underestimate that the skill can read local files, write outputs, download remote content, and invoke shell commands.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The script installs Python packages on the host at runtime using pip, which changes the user's environment beyond the declared purpose of translating audio. This creates supply-chain and integrity risk because package installation executes code from external dependencies and can persist software changes on the system.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The script sends recognized speech text to the external MyMemory translation API, but the skill metadata does not disclose that user-derived content leaves the local machine. Audio transcripts often contain sensitive personal or business data, so undisclosed third-party transmission is a real privacy and data-governance issue.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends transcribed text to MyMemory and uses networked TTS, but the documentation does not clearly warn users that their audio-derived content may leave the local environment. Because audio often contains sensitive personal or business information, silent external transmission creates a privacy and data-handling risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The workflow transmits text extracted from user audio to external translation services and also uses an external TTS service, yet there is no explicit privacy warning or consent flow. In this skill context, the data being processed is directly derived from user speech, which increases the sensitivity of the transmission.

External Transmission

Medium
Category
Data Exfiltration
Content
### 步骤3: 翻译(MyMemory API)

```bash
curl -s "https://api.mymemory.translated.net/get?q=<文本>&langpair=<源>|<目标>"
```

### 步骤4: 目标语言语音合成(edge-tts)
Confidence
94% confidence
Finding
https://api.mymemory.translated.net/

Unpinned Dependencies

Low
Category
Supply Chain
Content
faster-whisper
edge-tts
Confidence
95% confidence
Finding
faster-whisper

Unpinned Dependencies

Low
Category
Supply Chain
Content
faster-whisper
edge-tts
Confidence
95% confidence
Finding
edge-tts

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal