mlx-whisper

Security checks across malware telemetry and agentic risk

Overview

This appears to be a local voice-note transcription skill whose sensitive behavior is aligned with its stated purpose, with only documentation clarity issues to consider.

Install only if you are comfortable with Telegram or WhatsApp voice notes being downloaded, transcribed locally, and converted into text visible in the agent conversation. Expect internet access during first setup for the model download, then offline operation if configured as described.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Low
Confidence: 97%
Finding
L034 states 'Works fully offline', but elsewhere the same file says internet is required for the initial model download (L009, L076, L153). This is an active contradiction in the skill's own documentation about operational requirements.

Missing User Warnings

Medium
Confidence: 91%
Finding
The markdown explains that OpenClaw downloads incoming Telegram or WhatsApp voice notes and injects transcripts into message bodies, but it does not explicitly warn users about the privacy impact of automatic processing of personal audio content. Because this behavior affects user data and potentially sensitive spoken content, the skill description should include a clear disclosure before setup instructions.

VirusTotal

61/61 vendors flagged this skill as clean.
