← Back to Skills Marketplace
951
Downloads
0
Stars
1
Active Installs
20
Versions
Install in OpenClaw
/install webchat-voice-proxy
Description
⚠️ DEPRECATED — This skill has been split into two separate skills for better modularity: **webchat-https-proxy** (HTTPS/WSS reverse proxy) and **webchat-voi...
Usage Guidance
What to consider before installing:
- This skill makes persistent, local changes: it copies a JS asset into your Control UI, injects a <script> tag into index.html, appends allowedOrigins to ~/.openclaw/openclaw.json, installs a user-level systemd service, and installs a gateway startup hook that re-injects the script after updates. Review these exact changes (deploy.sh, inject.sh, uninstall.sh) before running deploy.sh.
- By default the proxy binds to 127.0.0.1 (local-only). Only set VOICE_HOST to a LAN IP if you intentionally want other devices on the network to reach the proxy — that will expose the gateway WebSocket and transcription endpoint to the LAN. If exposed, the proxy enforces a Bearer token matched to the gateway token (read from your openclaw.json) — but you must ensure the LAN is trusted and consider rate-limiting/monitoring.
- The skill reads your gateway auth token from ~/.openclaw/openclaw.json and the client reads it from Control UI localStorage to authenticate /transcribe calls. This is necessary for proper authorization but means the skill accesses a local sensitive value — back up your config if you are concerned.
- The proxy generates a self-signed cert by default (you'll see browser warnings). You can supply VOICE_CERT/VOICE_KEY to use your own certs.
- The skill requires a local faster-whisper transcription service (http://127.0.0.1:18790/transcribe) to be running before deploying; the scripts validate aiohttp and prefer a venv.
- The package contains an uninstall.sh which attempts to remove the service, hook, injected script, and certs; test uninstall in a safe environment if you need guarantees.
- Recommended steps: inspect deploy.sh, inject.sh, https-server.py and voice-input.js yourself; run deploy.sh with defaults (localhost) first; do not set VOICE_HOST to a LAN IP unless you understand the exposure; keep backups of ~/.openclaw/openclaw.json and your Control UI index.html before installing.
Capability Analysis
Type: OpenClaw Skill
Name: webchat-voice-proxy
Version: 0.2.3
The webchat-voice-proxy skill provides voice-to-text capabilities for the OpenClaw WebChat UI by deploying a local HTTPS/WSS reverse proxy and injecting a microphone interface. The code demonstrates high security awareness, featuring strict regex-based input validation in scripts/deploy.sh, path traversal protection in the Python-based assets/https-server.py, and secure subprocess handling in hooks/handler.ts. While it establishes persistence via a user-level systemd service and a gateway startup hook, these actions are clearly documented and necessary for the stated functionality, with no evidence of malicious intent or unauthorized data exfiltration.
Capability Assessment
Purpose & Capability
The skill claims to provide an HTTPS/WSS proxy, inject a mic UI, and forward audio to a local transcription service — and the included files (https-server.py, voice-input.js, deploy/uninstall scripts, hook) implement exactly those behaviors. Required modifications (index.html injection, copying voice-input.js, systemd user service, editing ~/.openclaw/openclaw.json allowedOrigins) are consistent with enabling a proxied Control UI and are expected for this feature.
Instruction Scope
The runtime instructions and scripts intentionally modify gateway config (append allowedOrigins), write into the npm-installed Control UI, install a user systemd service, and create a gateway startup hook that re-injects the UI script. They also read the gateway auth token from ~/.openclaw/openclaw.json (https-server.py) and the token from Control UI localStorage (voice-input.js) to authenticate /transcribe requests. This is necessary for the feature but means the skill touches and reads local gateway configuration and Control UI files — review these changes before running deploy.sh.
Install Mechanism
There is no remote download/extract install; deploy.sh copies bundled assets into user workspace and system locations, creates a systemd user unit, and installs local hook files. No external archive or URL downloads are performed by the skill, minimizing supply-chain risk. The scripts prefer a local venv for Python/aiohttp and otherwise require the admin to have dependencies installed.
Credentials
The skill uses several environment variables (VOICE_HTTPS_PORT, VOICE_HOST / VOICE_BIND_HOST, VOICE_ALLOWED_ORIGIN, VOICE_LANG and optional VOICE_CERT/VOICE_KEY/VOICE_TRANSCRIBE_URL/VOICE_GATEWAY_WS). Reading the gateway token from ~/.openclaw/openclaw.json is required to validate requests when exposed beyond localhost; this is a sensitive local config read but proportionate to implementing authenticated /transcribe access. The SKILL.md and scripts validate most user inputs; a small set of env vars (VOICE_CERT, VOICE_KEY, VOICE_TRANSCRIBE_URL, VOICE_GATEWAY_WS) are not validated in code but are intended to be set by an admin — acceptable for this threat model.
Persistence & Privilege
The skill installs a persistent user systemd service (openclaw-voice-https.service) and a gateway startup hook (voice-input-inject) that re-injects the UI after updates. This is documented and limited to user-level privileges (no sudo/root). Persistence is expected for a service that must survive reboots and gateway updates, but it is a non-trivial system change — the included uninstall.sh attempts to fully revert these changes.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install webchat-voice-proxy - After installation, invoke the skill by name or use
/webchat-voice-proxy - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.3
MIT license added; republished deprecated monolith skill with explicit repository license.
v0.2.2
Deprecate monolith skill; replaced by webchat-https-proxy + webchat-voice-gui. Use webchat-voice-full-stack for one-step install.
v0.3.2
Refresh tags: security-hardening + auth-aligned transcribe endpoint; improved discoverability tags.
v0.3.1
Security hardening: localhost-by-default binding/origins, transcribe auth alignment with webchat token flow, stricter input validation, uninstall cleanup, audit report.
v0.3.0
Push-to-Talk + Toggle mode, keyboard shortcuts (Ctrl+Space PTT, Ctrl+Shift+M), i18n (en/de/zh), interactive language selection, all hardcoded paths removed, dynamic path detection
v0.2.1
- Added real-time voice activity (VU meter) visualization to the mic button UI.
- Expanded documentation with structured `requires`, `env`, and `persistence` fields.
- Added documentation for CORS policy configuration via `VOICE_ALLOWED_ORIGIN`.
- Improved clarity on what system/config files are affected during install and uninstall.
- No changes to dependencies or installation scripts.
v0.2.0
v0.2.0: Added recording pulse animation and processing hourglass spin. No logic changes from v0.1.9 — animations only.
v0.1.12
Added uninstall.sh script to fully revert all system changes. Added detailed system modifications table and revert instructions to SKILL.md for transparency.
v0.1.11
Added gateway startup hook (voice-input-inject) to skill package. Deploy now auto-installs hook so voice-input.js survives openclaw updates. Made inject.sh portable (no hardcoded paths).
v0.1.10
Improved discoverability: expanded description with voice input, mic button, WebChat, STT, MediaRecorder keywords
v0.1.9
Added short/low-confidence/no-speech filtering support in voice input flow and stabilized recording UX.
v0.1.8
Stability update: fixed multi-record cycle (2nd/3rd recording), robust mic button event handling, and stable recording/processing state transitions.
v0.1.7
Bundled latest UI implementation (mic/stop/hourglass states + animations) and bundled runtime assets (voice-input.js, https-server.py) into skill deploy.
v0.1.6
Ranking tune: stronger OpenClaw/WebChat/Local/No-API naming and tags for discoverability.
v0.1.5
Searchability update: added OpenClaw/WebChat/microphone/local/no-API-cost keywords and local-first wording.
v0.1.4
Updated description to explicitly reference faster-whisper-local-service and webchat-voice-full-stack.
v0.1.3
Added references to companion skills: faster-whisper-local-service (backend) and webchat-voice-full-stack (meta installer).
v0.1.2
Made deployment host/IP-agnostic: dynamic VOICE_HOST + VOICE_HTTPS_PORT, computed allowedOrigins, updated docs/troubleshooting.
v0.1.1
Added explicit prerequisite: local faster-whisper HTTP service (openclaw-transcribe.service on 127.0.0.1:18790), with verification and troubleshooting steps.
v0.1.0
Initial release: HTTPS+WSS proxy, voice input deploy/status scripts, reboot-safe cert handling, troubleshooting.
Metadata
Frequently Asked Questions
What is WebChat Voice Proxy?
⚠️ DEPRECATED — This skill has been split into two separate skills for better modularity: **webchat-https-proxy** (HTTPS/WSS reverse proxy) and **webchat-voi... It is an AI Agent Skill for Claude Code / OpenClaw, with 951 downloads so far.
How do I install WebChat Voice Proxy?
Run "/install webchat-voice-proxy" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is WebChat Voice Proxy free?
Yes, WebChat Voice Proxy is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does WebChat Voice Proxy support?
WebChat Voice Proxy is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created WebChat Voice Proxy?
It is built and maintained by neldar (@neldar); the current version is v0.2.3.
More Skills