U2-tts

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If these are real shared credentials, users may unknowingly consume someone else's UniSound account quota or rely on a leaked credential; it also normalizes putting secrets in visible instructions.

Why it was flagged

The documentation publishes a concrete provider app key and secret and tells users or agents to export them as credentials.

Skill content

export UNISOUND_APPKEY='ce44uxf7g5eag2cv33qvlp5d22qrkgcezvgfp2q3' ... export UNISOUND_SECRET='5c12231cd279b35873a3ccecf9439118'

Recommendation

Remove real-looking credentials, use placeholders, require each user to configure their own UniSound credentials through environment variables or a secret store, and avoid command-line secret examples.

Concern (Medium Confidence)

ASI02: Tool Misuse and Exploitation

What this means

If the agent or user passes a non-UniSound URL, the input text plus app key/signature could be sent to an unintended endpoint.

Why it was flagged

The script lets the WebSocket endpoint be overridden while appending authentication parameters to the chosen URL.

Skill content

parser.add_argument('--url', type=str, default='wss://ws-stts.hivoice.cn/v1/tts', help='WebSocket URL') ... '&appkey=' + self.appkey + '&sign=' + self.get_sha256(timestamp)

Recommendation

Remove the arbitrary URL option or restrict it to the expected UniSound host, and require explicit user approval before sending text or authentication material to any non-default endpoint.

What this means

Text submitted for speech generation leaves the local machine and is processed by UniSound, which matters if the text is confidential.

Why it was flagged

The skill clearly states that user-provided text is transmitted to UniSound's external WebSocket API for synthesis.

Skill content

Establish WebSocket connection to `wss://ws-stts.hivoice.cn/v1/tts` ... Send TTS request with text and voice parameters

Recommendation

Use this skill only for text you are comfortable sending to UniSound, and review UniSound's privacy and retention terms for sensitive content.

Note (High Confidence)

ASI01: Agent Goal Hijack

What this means

The agent may refuse to suggest or try other TTS approaches even if that would help the user after a UniSound failure.

Why it was flagged

The skill changes the agent's normal response behavior by forbidding alternatives and imposing a stop condition on failure.

Skill content

NEVER offer alternatives ... IF API fails - Display the error message and STOP immediately ... NO fallback methods

Recommendation

Keep this restriction only if the user intentionally wants UniSound-only synthesis; otherwise soften it to allow user-approved alternatives.

What this means

A future install could pull newer dependency versions than the author tested.

Why it was flagged

The dependency versions are specified as open-ended ranges rather than pinned exact versions.

Skill content

websocket-client>=0.56.0 ... gevent>=1.4.0

Recommendation

Pin exact dependency versions or provide a lockfile if reproducible installs are important.