ClawHub

Audio Note Taker

Security checks across malware telemetry and agentic risk

Overview

This is a user-run audio transcription helper, but its docs overpromise some features and users should know audio is sent to OpenAI and notes are saved locally.

Install only if you are comfortable sending selected recordings to OpenAI or a configured compatible provider. Avoid confidential or regulated recordings unless approved, use a limited API key where possible, choose a secure output path, and manually verify results because speaker labels, summaries, action items, and some output formats are not actually implemented.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation indicates access to environment variables and file output behavior, but it does not declare permissions explicitly. This creates a transparency and consent problem: users may not realize the skill reads secrets such as OPENAI_API_KEY and writes generated notes to disk, which can expose sensitive audio-derived content or overwrite files unexpectedly.

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
The documented behavior overstates capabilities and omits important external data flows, especially that audio is sent to an external OpenAI API. Misrepresenting implemented features such as speaker detection, summarization, and action-item extraction can cause users to trust outputs or privacy properties that do not actually exist, leading to data exposure, operational mistakes, and unsafe reliance on incomplete processing.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill lacks a clear warning that uploaded audio may be transmitted to third-party APIs for transcription or summarization and that resulting notes are written to files. For a voice-note tool, recordings often contain highly sensitive business or personal information, so missing disclosure materially increases privacy and compliance risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill uploads the provided audio file to a remote transcription API, but the user-facing flow does not clearly warn that local audio contents will leave the machine and be processed by a third party. In a note-taking context, recordings may contain meetings, personal data, credentials, or confidential business information, so silent transmission creates a real privacy and data-handling risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal