ClawAudit verdict
senseaudio-voice
kid-point-voice-component
The skill uses SenseAudio and Edge TTS HTTP APIs for legitimate voice synthesis and recognition, stores audio locally, and all capabilities align with the stated purpose without evidence of credential exfiltration.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
Findings (7)
References sudo — requests elevated privileges
README.md · code · sudo
apt-get install — installs system packages
README.md · code · apt-get install
Accesses OpenClaw config/secrets directly
SKILL.md · prose · downgraded · ~/.openclaw/openclaw.json
subprocess execution — runs system commands from Python
scripts/tts.py · prose · downgraded · subprocess.run(
References agent memory files
NAME_CHANGE.md · prose · downgraded · MEMORY.md
Python os.environ.get — reads environment variable
scripts/asr.py · prose · downgraded · os.environ.get(
pip3 install — installs Python packages at runtime
scripts/setup.sh · prose · downgraded · pip3 install
Why the tier is capped
Execution sink present in raw bytes (Hard Floor: class D). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.
Permissions & capabilities
No declared permissions — minimal attack surface.
Is this flag fair?
Thanks — recorded.