Smart Meeting Notes

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent meeting-notes helper, but it automatically stores sensitive meeting content and may use transcription tools or services without clear consent and retention controls.

Review before installing. Use this skill only if you are comfortable with meeting notes being stored locally in ~/.openclaw/meetings/ and with recordings potentially being transcribed through local Whisper or an external API. Avoid confidential or regulated meetings unless you can control saving, deletion, and transcription-provider use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding
The skill instructs the agent to invoke a local shell command (`which whisper` / `whisper [file] --output_format txt`) on user-supplied input. Even though the purpose is audio transcription, introducing command execution expands the attack surface and can enable unsafe handling of file paths, unexpected binaries in PATH, or privilege boundary issues if the runtime executes shell commands directly.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill mandates saving all meeting notes to `~/.openclaw/meetings/` without explicit consent or a clear user-facing warning. Meeting notes often contain sensitive business, HR, legal, or personal information, so silent persistence creates confidentiality and retention risks, especially on shared machines or systems with backups/sync enabled.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill loads the most recent meeting notes from disk when asked to follow up, but it does not warn that historical meeting data will be accessed. This can expose prior confidential notes beyond the user's immediate intent, especially if multiple users share the environment or if old notes contain sensitive topics unrelated to the current request.

Missing User Warnings

Medium
Confidence: 95%
Finding
The workflow recommends using the OpenAI Whisper API without warning that audio or transcript content may leave the local device. Meeting recordings frequently contain sensitive or regulated information, so off-device transmission without disclosure can violate user expectations, privacy requirements, or organizational policy.

VirusTotal

63/63 vendors flagged this skill as clean.
