As a proof of concept, researchers from Israel-based application-security firm Checkmarx wrote a malicious “skill,” or Alexa functions, that managed to turn an Amazon Echo Dot into a full-fledged eavesdropping device that recorded dialogue indefinitely and sent transcriptions of human speech to a third-party website as well as to Amazon. (The skill was never uploaded to Amazon’s Alexa app store, and isn’t available to the public.)