salute speech

Transcribe audio files using Sber Salute Speech async API. Russian-first STT with support for ru-RU, en-US, kk-KZ, ky-KG, uz-UZ.

This skill appears to do what it says: it uploads a user-supplied audio file to Sber's Salute Speech service using the API key in SALUTE_AUTH_DATA and returns transcripts. Before installing, consider the following: - Protect SALUTE_AUTH_DATA: treat it like a secret (client_id:client_secret or an authorization key). The script uses it to obtain tokens. - Transport security: the client disables SSL verification (verify_ssl=False) and suppresses warnings. That makes network traffic (including tokens and audio uploads) susceptible to interception if you are on an untrusted network. If possible, verify the certificate chain and enable SSL checks. - Logs and stdout: the script prints server responses and token info; logs may expose tokens or API responses—avoid running on shared machines or configure logging to avoid leaking secrets. - Review the full source: although endpoints used are Sber domains, review the complete script (including truncated portion if any) before use to confirm there are no unexpected remote endpoints or file operations. - For sensitive audio, consider running the client in a controlled environment or using service-provided enterprise options that meet your security requirements. If you are comfortable with the SSL tradeoff (or can change the code to enable verification), the skill is coherent and appropriate for its stated purpose.

Type: OpenClaw Skill Name: salute-speech Version: 1.0.1 The skill bundle is classified as suspicious due to multiple critical vulnerabilities. The `salute_transcribe.py` script explicitly disables SSL/TLS verification (`verify_ssl=False`) for all network communications, as also noted in `SKILL.md`, creating a severe Man-in-the-Middle (MITM) risk. Furthermore, the script's `upload_file` method reads and uploads the content of any file specified by the `--file` argument to a third-party API, enabling potential data exfiltration if an agent is prompted to provide a sensitive file path. Lastly, the script allows writing arbitrary files to user-controlled directories via the `--output_dir` argument, which could be exploited through prompt injection to achieve persistence or other malicious actions on the host system.