Is ilyakam/asr safe?
https://github.com/openclaw/skills/tree/main/skills/ilyakam/asr
This skill accesses multiple sensitive credential files during installation while also providing external network communication capabilities through its bash script. The unauthorized credential file access is not justified by the stated audio transcription functionality and creates a significant security risk.
Findings (5)
CRITICAL: Unauthorized Access to Sensitive Credential Files (-100)
During installation, the skill accessed multiple sensitive credential files including SSH private keys, AWS credentials, Docker configuration, NPM configuration, and Google Cloud credentials. This behavior is not justified by the skill's stated purpose and indicates potential data exfiltration capabilities.
HIGH: Executable Script with External Network Access (-20)
The skill includes a bash script that makes HTTP requests to external APIs (speechischeap.com) and processes user-controlled input. While this appears legitimate for the stated transcription functionality, it provides a vector for potential abuse.
HIGH: Suspicious File Access During Installation (-80)
The skill installation process accessed credential files that are unrelated to its audio transcription functionality, suggesting potential reconnaissance or data harvesting behavior.
MEDIUM: Canary File Access Detected (-30)
While canary files were not modified, they were accessed during the installation process, indicating the skill has the capability to read sensitive files.
CRITICAL: High Risk Attack Vector (-90)
The combination of credential file access and external network capabilities creates a significant attack vector. An attacker could use this skill to exfiltrate credentials and establish persistent access to the system.