voice-email

Security checks across malware telemetry and agentic risk

Overview

This skill’s Gmail, Telegram, and Deepgram access is sensitive but appears aligned with its disclosed voice-email purpose.

Install only if you are comfortable sending voice recordings and email content through Telegram, Deepgram, and Gmail, and store the required tokens/OAuth access in a secure environment. Before routine use, confirm the workflow gives you a chance to review recipients and message content before any email is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The guide instructs users to send voice and email content through Telegram, Deepgram, and Gmail, but does not clearly warn that sensitive message contents will be transmitted to third parties. In an accessibility-focused email skill, users may reasonably assume local handling, so the missing privacy disclosure increases the risk of unintentional exposure of personal or confidential data.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly sends voice recordings to Deepgram and email content through external services, but the documentation does not present this as a clear up-front user warning or consent requirement before use. For an accessibility-focused voice-email workflow, this can expose sensitive spoken content, recipient addresses, and message bodies to third parties without adequately informed user consent.

Credential Access

High
Category
Privilege Escalation
Content
credentials:
    - deepgram_api_key
    - telegram_bot_token
    - gmail_oauth  # via gogcli, stored in system keyring
  optional_credentials:
    - elevenlabs_api_key  # optional, for voice responses
  permissions:
Confidence
85% confidence
Finding
keyring

Credential Access

High
Category
Privilege Escalation
Content
- **Network**: Requires access to Telegram API, Deepgram API, Gmail API
- **Credentials**: 
  - gogcli stores OAuth tokens in system keyring
  - Deepgram key in openclaw.json (or environment)
  - ElevenLabs key in openclaw.json (optional)
- **Data**: Voice recordings processed by Deepgram, emails sent via user's Gmail
Confidence
84% confidence
Finding
keyring

Credential Access

High
Category
Privilege Escalation
Content
security:
  requires:
    - network
    - file_access
  credentials:
    - deepgram_api_key
    - telegram_bot_token
Confidence
79% confidence
Finding
access credentials

VirusTotal

66/66 vendors flagged this skill as clean.
