Wyoming Clawdbot

The skill is classified as suspicious due to several high-risk capabilities, despite lacking clear evidence of intentional malicious behavior. The `docker-compose.yml` file uses `network_mode: host`, granting the container full access to the host's network stack, and mounts `${HOME}/.clawdbot` from the host, exposing potentially sensitive configuration or credentials. Additionally, the `wyoming_clawdbot.py` script executes the `clawdbot` CLI tool using `asyncio.create_subprocess_exec` with user-controlled input (`transcript.text`), which, while implemented to mitigate direct shell injection, still represents a potential command injection vector if the `clawdbot` executable itself is vulnerable. These capabilities, while potentially necessary for the stated purpose, introduce significant security risks.