Telegram Voice Messaging Recovery

Warn

Audited by ClawScan on May 10, 2026.

Overview

This looks like a plausible OpenClaw voice recovery helper, but it is not truly offline, sends TTS text to a hosted Edge/Microsoft service, has an incomplete installer, and contains unsafe command construction for audio files.

Do not install this expecting a fully offline/private voice system. Review and fix the unsafe audio command handling, confirm whether you are comfortable sending TTS text to Edge/Microsoft, and require the missing transcribe-audio file plus clearer dependency/install declarations before use.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Users may install it believing voice processing stays offline, while generated reply text can depend on an external hosted TTS provider.

Why it was flagged

The user-facing description promises offline operation, but the included code uses the hosted Edge/Microsoft TTS service. This could cause users to trust the skill as local/private when it is not.

Skill content

Description: Complete offline voice system with high-quality Lessac TTS and faster-whisper speech recognition. Provides natural voice conversations without internet.

Recommendation

Remove the offline/no-internet claim unless the skill is changed to fully offline TTS, and clearly disclose Microsoft/Edge TTS and any other network downloads before installation.

What this means

Assistant reply text, potentially including conversation content, may be sent to a hosted Microsoft/Edge TTS service for synthesis.

Why it was flagged

The TTS wrapper passes the text to the edge_tts provider; the installer also describes Edge TTS as a hosted voice service. The external data boundary is not clear in the registry description.

Skill content

communicate = Communicate(text=text, voice=voice, rate=rate, pitch=pitch, volume=volume)

Recommendation

Require explicit user awareness/consent for hosted TTS, document provider behavior and retention assumptions, and offer a truly local TTS option if offline privacy is required.

What this means

If the helper is invoked on a crafted audio path, it could run unintended local commands with the OpenClaw user's privileges.

Why it was flagged

The audio_file argument is interpolated into a shell command and executed with shell=True. A filename containing shell metacharacters or quotes could alter the command.

Skill content

cmd = f"ffmpeg -i '{audio_file}' -ar 16000 -ac 1 '{wav_file}' -y 2>/dev/null"; subprocess.run(cmd, shell=True, check=True)

Recommendation

Use subprocess.run with an argument list and no shell, validate/normalize audio paths, and avoid interpolating paths into Python -c strings.

What this means

Installation may fail, or users may be forced to obtain an unreviewed helper script from elsewhere for the core transcription path.

Why it was flagged

The installer depends on scripts/transcribe-audio, but that file is not present in the provided manifest/full contents. This is an incomplete package/provenance gap for the transcription entrypoint.

Skill content

cp "$SKILL_DIR/scripts/transcribe-audio" "$INSTALL_DIR/"

Recommendation

Include and scan the transcribe-audio helper in the package, declare the installer and dependencies in metadata, and pin dependency versions where practical.