ClawHub

OpenClaw Turbo-Bundle: Groq, OpenRouter & Elite TTS

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Groq/OpenRouter text-to-speech bundle with ordinary cloud API, dependency install, and local file overwrite risks but no evidence of deception or malicious behavior.

Install only if you trust the publisher and are comfortable sending TTS input text to Groq. Review the pip-installed packages, use a virtual environment, provide only the needed API keys, and avoid relying on an existing canvas/speech.wav file because the skill may overwrite it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def run_cmd(cmd):
    print(f"Running: {cmd}")
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    if result.returncode != 0:
        print(f"Error: {result.stderr}")
    return result.stdout
Confidence
92% confidence
Finding
result = subprocess.run(cmd, shell=True, capture_output=True, text=True)

Missing User Warnings

Low
Confidence
88% confidence
Finding
The setup script automatically installs dependencies from requirements.txt and an additional package without prompting the user or showing what will be installed. In an agent-skill context, automatic package installation increases supply-chain risk because dependency contents may change, include malicious post-install hooks, or pull unexpected transitive packages.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill states that generation always writes to a fixed local path and filename (`speech.wav`) without warning about overwrite behavior, uniqueness, or user confirmation. This can silently replace prior files or agent-generated artifacts in a user-accessible directory, creating integrity and privacy risks if users rely on existing content in that location.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script sends arbitrary user-provided text to Groq's external TTS API without any disclosure, consent prompt, or warning that the content leaves the local environment. This creates a privacy and data-handling risk because users may unknowingly submit sensitive text, credentials, or internal information to a third-party service.

Unpinned Dependencies

Low
Category
Supply Chain
Content
groq>=1.1.1
python-dotenv>=1.0.0
Confidence
95% confidence
Finding
groq>=1.1.1

Unpinned Dependencies

Low
Category
Supply Chain
Content
groq>=1.1.1
python-dotenv>=1.0.0
Confidence
98% confidence
Finding
python-dotenv>=1.0.0

Known Vulnerable Dependency: python-dotenv — 1 advisory(ies): CVE-2026-28684 (python-dotenv: Symlink following in set_key allows arbitrary file overwrite via )

Low
Category
Supply Chain
Confidence
91% confidence
Finding
python-dotenv

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal