🗣️ Edge-TTS Skill using uvx
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: edge-tts-uvx Version: 1.0.0 The skill bundle is designed for text-to-speech conversion using the `uvx edge-tts` tool. All commands and instructions in `SKILL.md` are directly related to generating audio from text, listing voices, and adjusting TTS parameters. There is no evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempts against the agent to perform actions outside the stated purpose. The output is directed to a temporary directory, which is a safe practice.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Text being converted to speech should be handled as a command argument safely; otherwise unusual characters in the text could affect command parsing.
The skill's core workflow inserts message text into a shell command. This is purpose-aligned for text-to-speech, but unsafe interpolation could mis-handle shell metacharacters if the runner does not escape arguments correctly.
uvx edge-tts --text "{msg}" --write-media {tempdir}/{filename}.mp3Use safe argument passing or robust shell escaping, and keep generated output paths within a controlled temporary directory.
The command may resolve to whatever `edge-tts` package version is available in the user's environment, so future package changes could affect behavior.
The skill depends on `uvx` to run `edge-tts`, but the artifacts do not pin a package version or provide a homepage/source reference. This is central to the skill's purpose, not hidden behavior.
requires": {"bins": ["uvx"]} ... uvx edge-tts --text "{msg}"Verify the `edge-tts` package source before use and consider pinning a known-good version if reproducibility matters.
Sensitive text converted to speech may be sent to Microsoft Edge's TTS service for processing.
The artifact discloses use of an external TTS provider, meaning text submitted for speech generation may leave the local environment.
Generate high-quality text-to-speech audio using Microsoft Edge's neural TTS service
Avoid sending confidential or regulated text unless the user accepts the provider's privacy and retention terms.