Back to skill
Skillv1.0.2
VirusTotal security
Local Whisper · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:31 AM
- Hash
- c99aa84e246dcfd2f4435565ef87d112da8d12d590c044aff467067bc2dd8cbc
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: whisper-cpp Version: 1.0.2 This skill bundle is designed to install and configure local whisper.cpp for speech-to-text within OpenClaw. All scripts (install_whisper_cpp.sh, download_models.sh, install_wrapper.sh, patch_openclaw_audio.sh, cleanup_build.sh) perform actions directly related to this purpose, such as cloning the official whisper.cpp repository, compiling it, downloading models from Hugging Face, installing binaries to user-local directories (~/.local/bin, ~/.local/lib), and configuring OpenClaw via its CLI. The `bin/openclaw-whisper-stt.sh` wrapper script correctly quotes input paths when calling `ffmpeg` and `whisper-cli`, mitigating potential command injection vulnerabilities. The SKILL.md instructions are clear and do not contain any prompt injection attempts to manipulate the agent into malicious or hidden actions. No evidence of data exfiltration, unauthorized network activity, persistence mechanisms, or obfuscation was found.
- External report
- View on VirusTotal