Back to skill

Security audit

Azure Ai Voicelive Py

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Azure voice SDK skill, and its microphone, transcription, credential, and cloud streaming behavior matches its stated purpose.

Install only if you intend to build an Azure-hosted voice application. Use least-privilege Azure credentials, avoid hardcoded API keys, obtain consent before recording or streaming speech, minimize sensitive audio and transcripts, protect any generated audio files, and review real function or MCP tools before allowing model-selected calls to perform actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The documentation instructs developers to stream microphone audio and surface transcripts to Azure AI, but it does not clearly warn that captured speech and derived text are transmitted to a remote service and may contain sensitive personal or organizational data. In a real-time voice skill, this omission can lead to unintentional collection and disclosure of private conversations, especially if developers enable microphone capture by default or use the examples without adding consent flows.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The examples show microphone audio and speech transcriptions being streamed to a remote Azure service, but the documentation does not clearly warn users that live voice data leaves the local device. This can lead developers to integrate or test with real user audio without informed consent, privacy review, or appropriate data-handling controls.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The audio file example reads local audio content, uploads it to a remote service for processing, and writes returned audio to disk, but it does not warn users about either data transfer or local artifact creation. This omission increases the risk of accidentally sending sensitive recordings off-device or storing generated audio in insecure locations.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The avatar example establishes a WebRTC-based remote media session and may exchange audio, metadata, and session connectivity details, but the markdown does not disclose that this creates an external media connection. Users may not realize they are enabling remote streaming behavior with additional privacy and network exposure considerations.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The transcription-only example continuously streams microphone input for remote speech-to-text processing without an explicit warning that spoken content is transmitted off-device. In practice, this can capture sensitive ambient or user speech and expose organizations to privacy, consent, or regulatory issues if developers deploy it without safeguards.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.