tts
v1.0.0Text-to-speech conversion using node-edge-tts npm package for generating audio from text. Supports multiple voices, languages, speed adjustment, pitch contro...
⭐ 0· 119·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Edge TTS wrapper) matches the included scripts, package.json, and documentation. Dependencies (node-edge-tts, commander) are appropriate for a Node.js TTS CLI/skill. There are no unrelated credentials, binaries, or config paths requested that would be out of scope for a TTS skill.
Instruction Scope
SKILL.md instructs either using the platform's built-in tts tool or the provided CLI scripts. The scripts only read/write a per-user config (~/.tts-config.json), create temp audio files under the system temp directory, and send text to the Microsoft Edge online TTS service via node-edge-tts. There are no instructions to read other system files, harvest environment variables, or post data to unexpected endpoints in the scripts. Note: the skill will transmit user text to an external TTS service (expected for this functionality).
Install Mechanism
There is no complex installer in the skill metadata, but an install.sh is included that runs npm install in the scripts directory. Dependencies are pulled from the public npm registry (package-lock.json references known packages). This is a standard, moderate-risk install mechanism for Node.js code and is proportionate to the task.
Credentials
The skill requests no environment variables or credentials. It does persist a small config file in the user's home directory and writes temporary audio files; both are reasonable for a TTS tool. The proxy option (configurable) can reroute requests — expected for networking tools but means network traffic can be directed via a proxy if configured. Users should be aware that supplied text is sent over the network to the TTS backend.
Persistence & Privilege
The skill does not require 'always' presence and does not modify other skills or system-wide agent settings. It persists only a per-user config file (~/.tts-config.json) and writes output to temp or specified output paths. Those are normal privileges for a CLI-based skill.
Assessment
This package appears to be a straightforward wrapper around node-edge-tts. Before installing, consider: (1) npm install will fetch packages from the public registry—review package-lock.json if you audit dependencies; (2) generated audio and a small config file (~/.tts-config.json) are written to disk; (3) user text is sent to an external TTS service (Microsoft Edge online service) — do not send sensitive secrets or private data through it; (4) the skill exposes a proxy option that can route requests if you configure it — only set this to trusted proxies; (5) if you need higher assurance, run npm install and the scripts in a sandboxed environment or review the node-edge-tts dependency source before use.Like a lobster shell, security has layers — review code before you run it.
latestvk975qrrbnnysdft96b4z7tbh01837h4w
License
MIT-0
Free to use, modify, and redistribute. No attribution required.