Trusted — Risk Score 5/100
Last scan: 2 days ago
local-voice-agent
Complete offline voice-to-voice AI assistant for OpenClaw (Whisper.cpp STT + Pocket-TTS). 100% local processing, no cloud APIs, no costs.
Legitimate offline voice-to-text and text-to-speech tool using Whisper.cpp and Pocket-TTS. All functionality is appropriate for the stated purpose with no malicious indicators.
Skill Name: local-voice-agent
Duration: 40.9s
Engine: pi
Safe to install
No action required. The skill is safe to use.

Findings 2 items

Severity: Info
Finding: Shell execution not explicitly declared
Location: lib/stt.py:55
SKILL.md does not document that subprocess is used to invoke ffmpeg and whisper-cli binaries. This is standard practice for audio processing tools and poses no security risk.
subprocess.run(['ffmpeg', '-i', audio_path, ...])
→ Consider adding 'allowed-tools' declaration mentioning subprocess if this skill is used in a constrained environment

Severity: Info
Finding: Session key reference in config
Location: bin/voice-agent.sh:98
voice-agent.sh references a session_key from config. This appears to be for local OpenClaw AI integration and is not exfiltrated.
SESSION_KEY=$(grep "session_key:" "$CONFIG_FILE" ...)
→ Verify session_key is not sent externally; current implementation only uses it locally

Resource | Declared | Inferred | Status | Evidence
Filesystem | NONE | WRITE | ✓ Aligned | temp file creation in lib/stt.py and lib/tts.py
Network | READ | READ | ✓ Aligned | HTTP POST to local Pocket-TTS server in lib/tts.py
Shell | NONE | WRITE | ✓ Aligned | subprocess.run() for ffmpeg and whisper-cli in lib/stt.py

2 findings
Medium External URL
https://discord.com/invite/clawd
README.md:304
Medium External URL
https://docs.openclaw.ai$
install.sh:25

File Tree

12 files · 52.2 KB · 2013 lines
Shell 6f · 720L Python 2f · 588L Markdown 2f · 583L YAML 1f · 79L Ignore 1f · 43L
├─ 📁 bin
│ ├─ 🔧 text-to-voice.sh Shell 129L · 3.6 KB
│ ├─ 🔧 voice-agent.sh Shell 302L · 9.3 KB
│ └─ 🔧 voice-to-text.sh Shell 109L · 2.9 KB
├─ 📁 config
│ └─ 📋 voices.yaml YAML 79L · 1.7 KB
├─ 📁 examples
│ ├─ 🔧 conversation-mode.sh Shell 20L · 564 B
│ └─ 🔧 morning-briefing.sh Shell 27L · 609 B
├─ 📁 lib
│ ├─ 🐍 stt.py Python 289L · 8.4 KB
│ └─ 🐍 tts.py Python 299L · 8.3 KB
├─ 📄 .gitignore Ignore 43L · 365 B
├─ 🔧 install.sh Shell 133L · 4.1 KB
├─ 📝 README.md Markdown 308L · 6.6 KB
└─ 📝 SKILL.md Markdown 275L · 5.7 KB

Dependencies 2 items

Package | Version | Source | Known Vulns | Notes
requests | * | pip | No | No version pinning
pyyaml | * | pip | No | No version pinning

Security Positives

✓ No credential harvesting or exfiltration detected
✓ No base64 encoded payloads or obfuscated code
✓ No reverse shell or C2 communication
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No curl|bash or wget|sh remote script execution
✓ Network requests only to configured local TTS server (localhost)
✓ Uses standard, well-known open source components (Whisper.cpp, Pocket-TTS)
✓ 100% offline processing capability - no external API calls
✓ Proper error handling with informative messages