ClawHub

Voice Notes Pro

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: transcribes WhatsApp voice notes with OpenAI and saves categorized notes locally, but users should review privacy and storage settings first.

Install only if you are comfortable sending WhatsApp voice notes to OpenAI for transcription and saving the resulting text locally. Change /root/notes to an appropriate user-owned notes directory, protect the OPENAI_API_KEY, review console log retention because transcripts are printed, and avoid storing sensitive third-party personal details without consent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill goes beyond transcription/categorization by maintaining and querying a people database, which creates a persistent store of personal data. In the context of voice notes, users may disclose sensitive information about third parties, and the skill writes and searches that data without any visible consent, minimization, or access-control safeguards.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger list contains broad, common phrases like requests to transcribe audio, add tasks, shopping items, people, or watchlist entries, which increases the chance of accidental invocation from normal conversation. In this skill, unintended activation is more dangerous because the action chain includes sending audio to an external service and persisting potentially sensitive content into local notes files.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill description says it transcribes WhatsApp voice notes with Whisper API and stores categorized results in Markdown, but it does not warn users that their audio is transmitted to a third-party service and then written to local files. This creates a meaningful privacy and consent risk, especially because voice notes often contain sensitive personal, financial, or contact information.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The people database feature explicitly supports adding and checking persons, but the documentation does not warn that personal data will be stored in a persistent local database. Because example entries include names and life details, the skill encourages collection of personally identifiable information without clear notice, minimization guidance, or access-control expectations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends audio-derived content to an external transcription provider but does not disclose that voice data will leave the local environment. Voice notes often contain sensitive personal, financial, or health information, so silent third-party transfer creates a real privacy and compliance risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal