Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Windows TTS (WSL2)
v1.1.1
A TTS that "speaks directly" on Windows 11 (calls powershell.exe + System.Speech from WSL2/TUI). Use it when the user says "say it / read it aloud / voice broadcast / use TTS", or reports "no sound / the mp3 generated by tts is empty / it won't play", and when Chinese speech is needed but OpenClaw's built-in tts is unavailable.
⭐ 0 · 747 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
Name, description, SKILL.md and the two scripts all consistently implement 'call Windows System.Speech from WSL' to play audio on the Windows default device. The functionality and required actions are proportional to the stated purpose.
Instruction Scope
The runtime instructions and scripts execute powershell.exe on the Windows host, which is expected for this skill. However, the user-provided TEXT is embedded in a PowerShell double-quoted string (\$s.Speak("$TEXT_ESC");) without neutralising PowerShell's own expansion syntax: $var, ${...}, $(...) and the backtick escape. PowerShell expands those inside a double-quoted string before Speak() runs, so text containing $env:... or $(...) is evaluated as code on the Windows host. The SKILL.md's advice to escape $ addresses bash expansion inside WSL, a different layer; it neither warns about nor mitigates PowerShell interpolation.
Install Mechanism
No install spec or external downloads; the skill is instruction + small scripts only. That is low-risk from install/source code perspective.
Credentials
The skill declares no env/credentials (correct). It implicitly requires a WSL environment with access to powershell.exe (i.e., Windows host), which the SKILL.md documents, but the registry metadata does not list an OS restriction—minor mismatch to be aware of.
Persistence & Privilege
always:false and no persistent installation or cross-skill config changes. The skill runs commands at invocation only; autonomous invocation remains platform default and is not by itself a new risk here.
What to consider before installing
This skill is coherent and will play speech through Windows as advertised, but it currently treats the text you ask it to speak as a PowerShell double-quoted string and does not neutralise PowerShell variable or subexpression syntax. A crafted message containing $env:..., $(...) or similar is therefore evaluated by PowerShell on your Windows host. Before installing or using it: (1) Run the skill only in trusted environments and never feed it untrusted text, for example text an agent has pulled from a web page, an e-mail or a chat. (2) Prefer a patched say.sh that hands the text to PowerShell as data rather than as part of the script: base64-encode it in bash and decode it inside PowerShell, pipe it over stdin, or export it through a WSLENV-shared environment variable and read $env:... on the PowerShell side. A single-quoted here-string (@'...'@) also stops interpolation, but it breaks if the text contains a line that begins with '@, and -EncodedCommand on its own does not help if the text is still spliced into the script before the script is encoded. (3) Ask the maintainer to adopt one of those literal-data approaches and to add an explicit OS requirement (WSL2 on Windows) to the metadata.
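The following is an added example, not the skill's own say.sh and not code from the scan: it puts the flagged shape (user text spliced into a PowerShell double-quoted string) next to a hardened replacement that carries the text as base64 so nothing in it can be interpolated. The function names (ps_cmd_unsafe, ps_text_b64, ps_cmd_safe, say) are this example's own; it assumes bash with coreutils base64 and sed, and only calls powershell.exe if one is on PATH, so it also runs outside WSL2 for inspection. The sample payload is constructed.

```shell
#!/usr/bin/env bash
# Added example: a stand-in for say.sh, not the skill's own script.
# Assumes bash, coreutils base64 and sed; powershell.exe is only called if found.
set -u

# Vulnerable shape (the pattern the scan flags): the text is spliced into a
# PowerShell double-quoted string. Only " is escaped (to `"), so $var, ${...}
# and $(...) survive and PowerShell expands them on the Windows host before
# Speak() runs. Bash itself never expands $(...) held inside "$esc".
ps_cmd_unsafe() {
  local esc
  esc=$(printf '%s' "$1" | sed 's/"/`"/g')
  printf '%s' "Add-Type -AssemblyName System.Speech; \$s = New-Object System.Speech.Synthesis.SpeechSynthesizer; \$s.Speak(\"$esc\")"
}

# Encode the UTF-8 text as a single base64 line so it travels as data.
ps_text_b64() {
  printf '%s' "$1" | base64 | tr -d '\n'
}

# Hardened shape: the only user-controlled bytes in the script are base64
# ([A-Za-z0-9+/=]), which cannot close a single-quoted PowerShell string and
# contain no $ or backtick, so nothing is interpolated. Decoding as UTF-8 on
# the PowerShell side also keeps Chinese text intact across the WSL -> Windows
# console encoding boundary.
ps_cmd_safe() {
  local b64
  b64=$(ps_text_b64 "$1")
  printf '%s' "Add-Type -AssemblyName System.Speech; \$t = [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('$b64')); \$s = New-Object System.Speech.Synthesis.SpeechSynthesizer; \$s.Speak(\$t)"
}

# Speak the text through Windows using the hardened command. Outside WSL2
# (no powershell.exe on PATH) it prints the command it would have run instead.
say() {
  local cmd
  cmd=$(ps_cmd_safe "$1")
  if command -v powershell.exe >/dev/null 2>&1; then
    powershell.exe -NoProfile -NonInteractive -Command "$cmd"
  else
    printf 'powershell.exe not found; would run:\n%s\n' "$cmd"
  fi
}

# Constructed sample payload: with ps_cmd_unsafe PowerShell would execute
# whoami and speak its output; with ps_cmd_safe the text is spoken literally.
say 'Hello $(whoami)'
```

Compare the two command strings for the same input: ps_cmd_unsafe emits $s.Speak("Hello $(whoami)") verbatim, while ps_cmd_safe emits FromBase64String('SGVsbG8gJCh3aG9hbWkp'), which PowerShell cannot interpret as anything but a string.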
latest: vk9745w0fcsc7p4at69aed19r6x817440
