Skill v0.1.0
ClawScan security
Telegram Multilingual Voice Reply · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 21, 2026, 9:42 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and runtime instructions match its stated purpose (local ASR + optional TTS for Telegram voice replies) and do not request unrelated credentials, network endpoints, or surprising system access.
- Guidance: This skill appears internally consistent and implements local ASR/TTS as described. Before installing or running it, make sure you:
  1. install mlx_audio and ffmpeg from trusted sources and be aware those installs will likely download large model files (network + disk usage);
  2. run the scripts in an environment you control (container/venv) because they will execute local binaries and create temporary files;
  3. avoid passing paths to sensitive files as the scripts operate on file paths you provide;
  4. note the scripts call external CLIs found on PATH or ~/.local/bin — ensure those executables are the genuine tools you intend to use to prevent accidental execution of a replaced/malicious binary.

  If you need the agent to run in a more restricted environment, prefer isolating execution or denying network/model downloads.
Review Dimensions
- Purpose & Capability (ok): The name/description (Telegram multilingual voice reply) align with the included artifacts: SKILL.md describes local ASR/TTS behavior and the repository includes two helper scripts (mlx_asr.py and mlx_tts_voice.py) that implement those functions using mlx_audio and ffmpeg. The models named (Qwen3-ASR, Qwen3-TTS) are consistent with the stated approach.
- Instruction Scope (ok): SKILL.md explicitly limits actions to: transcribing audio with the provided scripts, generating TTS, and sending a Telegram voice message with a caption that matches the voice. The instructions do not ask the agent to read unrelated files, access secrets, or call unknown external endpoints. The scripts operate on audio files provided to them and create temporary files as expected.
- Install Mechanism (note): There is no install spec (instruction-only), which reduces risk. However, the scripts depend on external tooling (mlx_audio CLI or importable mlx_audio package and ffmpeg). Installing or running those tools may pull large model files from upstream (HuggingFace/other), which implies network activity and substantial disk use; this is expected for local ASR/TTS but worth noting.
- Credentials (ok): The skill requests no environment variables or credentials. The scripts look for a fallback CLI under the user's home (~/.local/bin) and use temporary files — both are reasonable for this use case. They do not read arbitrary config paths or secret env vars.
- Persistence & Privilege (ok): The skill is not always-on and does not modify other skills or system-wide config. It runs as-invoked and does not request elevated persistence or cross-skill access.
