Telegram Whisper Transcribe

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Telegram-to-OpenAI transcription bot, but it needs user review because it runs persistently with paid API credentials and weak privacy/credential handling controls.

Install only if you are comfortable running a persistent Telegram bot that uploads received audio to OpenAI and can spend your OpenAI API credits. Use a dedicated Telegram bot token, restrict who can message or add the bot, monitor usage, avoid passing real secrets directly on the command line, and rotate/remove the keys if you stop using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding
The skill instructs users to use shell commands, create files, install packages, and handle environment-based secrets, but the metadata declares no permissions/capabilities. This mismatch is dangerous because it hides the real execution and secret-handling surface from reviewers and users, reducing informed consent and increasing the chance the skill is run in environments where shell and env access should be restricted.

Missing User Warnings

Medium
Confidence: 95%
Finding
The description emphasizes speed and cost but does not clearly warn that Telegram audio content is transmitted to OpenAI Whisper for third-party processing. This is a privacy and compliance risk because users may share sensitive voice messages without understanding that their content leaves Telegram and is sent to an external API provider.

Missing User Warnings

Medium
Confidence: 95%
Finding
The bot sends user-submitted audio to OpenAI's Whisper API for transcription, but the user-facing messages do not clearly disclose that recordings are transmitted to a third-party processor. For a Telegram bot handling voice content, this creates a real privacy and consent issue because users may reasonably assume processing is local or only within Telegram unless explicitly told otherwise.

Missing User Warnings

Medium
Confidence: 95%
Finding
The installer accepts sensitive credentials as positional command-line arguments and writes them to a persistent .env file. Command-line arguments can be exposed through shell history, process listings, or logging, and the script does not warn the user that secrets will be stored long-term for a background service.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script creates a persistent user systemd service, enables it, and restarts it immediately without explicit confirmation. While not inherently malicious, silently installing and starting a background service changes user state in a lasting way and may surprise users or cause unintended continuous execution with stored API credentials.

VirusTotal

65/65 vendors flagged this skill as clean.