add-voice-transcription

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask the user to provide their OpenAI API key and to embed that key into .env (OPENAI_API_KEY=), which requires the model to receive and handle the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill downloads and transcribes user-generated WhatsApp voice notes (see Phase 2 merge mentioning src/channels/whatsapp.ts and Phase 4 "Test with a voice note" in SKILL.md), delivering the transcripts to the agent as [Voice: ] so untrusted third-party content can directly influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). I flag https://github.com/qwibitai/nanoclaw-whatsapp.git because the skill instructs adding that git remote and running git fetch/merge at runtime to pull in src/transcription.ts (and related code) which will be merged into and executed by the agent, directly altering its behavior.