Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Audio Command Executor
v1.0.0
Processes inbound audio files, transcribes them, and answers the resulting text. Converts non-WAV inputs to WAV before transcription.
by Sirko (@sirkovz)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (convert to WAV, transcribe, answer) align with the SKILL.md workflow. However the metadata claims no required binaries or config paths while the instructions explicitly call ffmpeg and a local whisper-cli binary and model files under /home/sirko/.openclaw/…. That mismatch (declared 'none' vs instructions requiring specific binaries/paths) is incoherent and should be resolved before installing.
Instruction Scope
The SKILL.md directly instructs the agent to run system commands (ffmpeg and /home/sirko/.openclaw/.../whisper-cli) and to read files from absolute paths under /home/sirko/.openclaw/media/inbound/ and the whisper model path. It does not tell the agent to reach external services, but it does assume access to a specific user's home paths and local binaries—this can give the skill broad local filesystem access and may leak or require data the user didn't intend to expose. The instructions are otherwise narrowly scoped to transcription and answering in German.
Install Mechanism
There is no install spec (instruction-only), so nothing will be written to disk by the skill installer. However, the runtime assumes local binaries (ffmpeg and whisper-cli) and model files exist; the skill will try to execute them when invoked. The lack of declared runtime requirements is a practical gap (not an install risk), but it means the agent may fail or behave unexpectedly if those binaries/paths are absent or point to undesired locations.
Credentials
requires.env and primary credential are empty, but the instructions require access to specific config/data paths (/home/sirko/.openclaw/...) and a local model binary. The skill references these paths without declaring them as required config paths. Hard-coded absolute paths tied to a particular user are disproportionate and may expose or require access to unrelated local files. No secrets are requested, but privileged filesystem access is implied.
Persistence & Privilege
The skill is not marked always:true and doesn't request persistent/autonomous elevation beyond the normal agent invocation. It does not attempt to modify other skills or system configuration in the instructions. Autonomous invocation is allowed (default) — combined with the filesystem access concerns above this increases blast radius, but by itself it's expected.
What to consider before installing
This skill appears to do what it says (convert audio, transcribe, answer), but the runtime instructions expect local programs and files that the skill metadata does not declare. Before installing or enabling it:
1) Confirm where ffmpeg and whisper-cli (and the ggml model file) are installed on your system, or update the SKILL.md to use configurable paths or environment variables rather than hard-coded /home/sirko/… paths.
2) Ensure the agent is allowed to read the inbound media directory and the model file — if you don't trust the source, run it in a sandbox/container so transcription binaries can't access other files.
3) Add explicit required-binaries/required-config-paths to the skill metadata so you know what will be invoked.
4) Test with non-sensitive audio first.
5) If you want to limit risk, require the skill to operate on files copied to a controlled temporary directory (not an existing user home path) and avoid granting it broad filesystem permissions.
Like a lobster shell, security has layers — review code before you run it.
