Voice UI
Self-evolving voice assistant UI. Talk to your AI, ask it to improve itself, and watch the code update in real-time.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 1.5k · 2 current installs · 2 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill claims a self‑evolving voice UI and does call an OpenClaw agent and OpenAI (Whisper/TTS), which is plausible. However the registry metadata lists no required env vars while SKILL.md and the server expect OPENAI_API_KEY. The server also hardcodes a single-user OpenClaw binary path (/Users/yuki/...) and CONTEXT.md refers to that same user workspace path — these are environment-specific and not declared in the manifest, which is inconsistent.
Instruction Scope
SKILL.md/CONTEXT.md instruct the agent to edit local files (index.html in a workspace) and to auto‑git commit changes ('git add -A && git commit ...'). The server forwards user messages to the local OpenClaw CLI, which could cause the agent to perform arbitrary local edits. The client fetches /api/key and uses that key in browser-origin requests (client-side calls to OpenAI). The runtime instructions therefore permit automated modification of local code + commits and expose an API secret to client JavaScript — both are broader privilege/scope than a simple UI widget.
Install Mechanism
No external download/install spec; the package is instruction + code that npm install will pull 'ws' from npm (package-lock.json references npm registry). There is no remote archive or URL shortener in the install path. Risk arises from running the bundled start.sh/node server rather than from a dangerous installer mechanism.
Credentials
The package implicitly requires an OpenAI API key (OPENAI_API_KEY) though the registry shows none. start.sh tries to extract the key from ~/.openclaw/openclaw.json, and the server serves that key via GET /api/key. The server also depends on an OpenClaw CLI at a hardcoded user path. Requiring the user's OpenAI key and local OpenClaw CLI is plausible for Whisper/TTS and self‑editing behavior, but the lack of explicit declaration and the way the key is exposed are disproportionate and risky.
Persistence & Privilege
always:false (normal). The skill does not request permanent platform privileges, but it is designed to allow an OpenClaw agent to edit files in your workspace and automatically commit them. That file‑write/commit behavior is part of its purpose but is a high‑impact action that you should only allow if you trust the agent and code. The skill does not appear to alter other skills' configs, but it reads ~/.openclaw config files on startup.
What to consider before installing
Key points to consider before installing:
- Secret exposure: The server exposes OPENAI_API_KEY via GET /api/key and sets Access-Control-Allow-Origin: *. That means webpages on other origins can read your API key from the running local server — remove or restrict this endpoint before use. A safer design is to keep the API key on the server side and perform OpenAI requests from server endpoints only.
- Manifest mismatch: The registry claims no required env vars, but SKILL.md, start.sh, and server.cjs expect OPENAI_API_KEY and a local OpenClaw CLI. Treat the manifest as incomplete and assume the skill needs those secrets and a local OpenClaw binary.
- Hardcoded paths: server.cjs and CONTEXT.md reference /Users/yuki/... and a specific OpenClaw binary path. Edit the code to make the OpenClaw path and workspace configurable (do not run code that assumes another user's home).
- Self‑editing & auto‑commit: The skill is explicitly designed to let an agent modify local files and auto‑git commit changes. That is powerful but dangerous — only run it in a directory you trust, and review diffs before pushes. Consider running inside a disposable VM/container or a throwaway git repo until you verify behavior.
- What to change before running: restrict CORS, remove or lock down /api/key, make OPENCLAW path and workspace configurable via environment variables, and ensure start.sh does not silently cat your ~/.openclaw file if you don't want that. Audit the OpenClaw 'voice' agent configuration and permissions (what tools it can invoke, whether it can run shell commands or push to remote repos).
- How to test safely: run in an isolated container or ephemeral user account without network access to sensitive remotes; start the server without an API key first to see error behavior; inspect console logs; and run git status/diff before allowing any auto-commit/push.
Given the mismatches and the exposed API key behavior, treat this skill as suspicious until you harden it and confirm it only performs actions you approve.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Voice UI
自己進化型AIアシスタントUI - 音声で会話しながら自分自身を改善できる
機能
- 🎤 音声認識 (Whisper)
- 🔊 音声合成 (TTS)
- 🤖 かわいいロボットUI(表情変化)
- 🔄 自己進化(UIの変更を音声で指示)
- 📝 自動Gitコミット
セットアップ
cd <workspace>/skills/voice-ui
npm install
./start.sh
ブラウザで http://localhost:8765 を開く
必要な設定
OpenClaw config (~/.openclaw/openclaw.json) に voice agent を追加:
{
"agents": {
"list": [{
"id": "voice",
"name": "Voice Assistant",
"model": { "primary": "anthropic/claude-sonnet-4-5" }
}]
}
}
使い方
- マイクボタンをタップ(またはスペースキー長押し)
- 話しかける
- AIが返答
自己進化コマンド
- 「背景を青にして」→ CSSを自動編集
- 「ボタンを大きくして」→ スタイルを変更
- 「新機能を追加して」→ JSを編集
変更は自動でGitコミットされる。
ファイル構成
index.html- メインUIserver.cjs- Node.jsサーバーstart.sh- 起動スクリプトCONTEXT.md- AIへのコンテキスト情報
環境変数
OPENAI_API_KEY- OpenAI API Key(Whisper/TTS用)
設定がない場合、OpenClawの設定から自動取得を試みる。
Files
8 totalSelect a file
Select a file to preview.
Comments
Loading comments…