Connects voice transcripts and agent responses through hotbutter.ai hosted relay for remote voice interaction with openclaw agents.
Security Analysis
high confidenceThe skill does what it says: it relays transcribed speech and agent stdout through hotbutter.ai and runs the local openclaw CLI; its files and instructions are internally consistent with that purpose.
Name/description, SKILL.md, and included code all match: the skill connects to a hosted relay (wss://hotbutter.ai), accepts transcribed text from a browser, runs `openclaw agent --session-id <id> -m <text>` locally, and returns stdout back through the relay. The requirement for the `openclaw` CLI is expected and justified.
Runtime instructions and code stay within the advertised scope. The skill reads/writes a local config (~/.hotbutter), prompts an optional email, connects to the relay, and executes the local `openclaw` binary. Important privacy implication: agent stdout (which may contain secrets) and transcripts are forwarded over the relay — the SKILL.md warns about this but it is a real exfiltration risk if the agent emits sensitive data.
The package itself has no platform install spec, but index.html documents an install command that downloads and extracts an archive directly from https://hotbutter.ai (curl | tar). Downloading and extracting archives from a non-vetted domain is higher risk; if you follow that install path you should inspect the archive first or host/verify the code from a trusted source.
The skill requests no cloud credentials or unrelated environment variables. It only requires the local `openclaw` binary and stores an optional email in ~/.hotbutter. The absence of extra credentials is proportionate to the stated functionality. Note: sensitive data can be leaked through normal operation if the agent prints secrets.
always:false and no system-wide config changes beyond writing its own ~/.hotbutter file. It does not modify other skills or request elevated privileges. Autonomous invocation is allowed (platform default) — combined with network relay this increases blast radius for leaked agent output, but this is expected for this skill.
Guidance
This skill is coherent with its description: it intentionally routes transcripts and agent stdout through a hosted relay (wss://hotbutter.ai) and runs your local `openclaw` CLI. Before installing: (1) Understand that anything your agent prints (including secrets) will be forwarded — avoid running agents that can emit credentials or use `--relay-url` to point to a relay you control. (2) Do not run the suggested curl|tar install blindly; inspect the archive first or clone the repository from a trusted source. (3) Review the code (it is small) and verify the `openclaw` binary you invoke is trusted. (4) If you require stronger privacy, use the recommended hotbutter-os/local relay or self-host a relay and start with `voice-bridge start --relay-url wss://your-relay.example.com`.
Latest Release
v1.0.5
- Added detailed documentation to SKILL.md, explaining data flow, privacy considerations, and usage instructions for the hosted relay voice skill. - Clarified which data is routed through hotbutter.ai and what remains local. - Provided setup requirements, usage examples, configuration options, and first-run details. - Linked to a fully local alternative and included privacy warnings regarding agent output.
Popular Skills
Published by @michael-stajer on ClawHub
