Chatbot
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent SenseAudio voice-chatbot guide, but it uses an API key and external real-time voice sessions that users should handle carefully.
Before using this skill, make sure you are comfortable sending voice/chatbot session data to SenseAudio, store the API key securely, keep provider tokens out of client-side logs or public code, and inform end users about voice and emotion-processing behavior.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or using the skill may require giving the agent access to a SenseAudio API key, which can authorize actions on that service.
The skill requires and uses a SenseAudio API key for provider API calls, while the registry-level requirements say no environment variables are required.
required_credentials:
- name: SENSEAUDIO_API_KEY
description: API key from https://senseaudio.cn/platform/api-key
env_var: API_KEY ... headers = {"Authorization": f"Bearer {API_KEY}"}Use a dedicated, least-privileged API key, keep it server-side or in a secure environment variable, and rotate it if exposed.
Voice audio, conversation context, and session credentials may be sent through SenseAudio infrastructure; mishandled tokens could expose a live session.
The skill’s examples create provider-backed real-time voice sessions and handle room IDs, app IDs, and session tokens.
Build real-time voice chatbot applications with natural conversation flow, emotion recognition ... Use WebRTC or WebSocket for real-time audio ... session_info = {"room_id": room_id, "token": token, "app_id": app_id}Confirm user consent and privacy requirements for voice/emotion data, use HTTPS/WSS or secure WebRTC, avoid exposing provider API keys in client code, and treat room/session tokens as sensitive.