Back to skill
Skillv1.0.1
VirusTotal security
Argmax Transcription and TTS · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:01 AM
- Hash
- c9fcb1e6bfb997a11ff8a4916791caea1d54f2623b82b703fd012376c9aae9d3
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: argmax-cli Version: 1.0.1 The OpenClaw AgentSkills bundle for `argmax-cli` (whisperkit-cli) appears benign. It defines a legitimate on-device speech-to-text and text-to-speech functionality using the `whisperkit-cli` tool. Installation is via Homebrew, and all described operations involve local file processing (`/tmp/`) or a local API server (`127.0.0.1`). There is no evidence of intentional data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the OpenClaw agent itself. While passing user/LLM-controlled text to CLI arguments (e.g., `--prompt`, `--instruction`, `{{llm_response}}`) could introduce vulnerabilities if the agent or the `whisperkit-cli` tool does not properly sanitize inputs, this is a potential vulnerability in the execution environment rather than malicious intent within the `SKILL.md` instructions.
- External report
- View on VirusTotal