Skill v1.0.8

ClawScan security

IMA AI Text To Speech — seed-tts, DouBao · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 30, 2026, 6:33 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files, runtime instructions, and requested environment access are coherent with a text‑to‑speech integration that uses a single IMA API key and local prefs/logs; nothing in the package indicates misdirection or unrelated privilege requests.
Guidance
This skill appears to do what it advertises: it sends your text to IMA Studio's TTS API using the IMA_API_KEY and returns an audio URL. Before installing:
1) Prefer a scoped or test API key if you're concerned about exposure.
2) Be aware the skill writes logs (~/.openclaw/logs/ima_skills/) and a preferences JSON (~/.openclaw/memory/ima_prefs.json); logs are auto-deleted after 7 days but may contain non-sensitive metadata (verify no prompts or secrets are logged if that matters).
3) Confirm you trust https://imastudio.com / api.imastudio.com as the destination for your API key.
4) The skill requires python3 and requests — install those in a controlled environment.
If you want greater assurance, inspect the full ima_tts_create.py to verify it never logs the API key or writes user prompts to disk before using the skill.
Findings
[no_regex_findings] expected: The package contains no pre-scan regex hits. The use of requests, Authorization headers, and local logging/file writes is expected for a TTS client calling api.imastudio.com.

Review Dimensions

Purpose & Capability
ok: Name/description (TTS) matches the required artifacts: a single IMA_API_KEY credential, python3 runtime, requests dependency, and Python scripts that call https://api.imastudio.com to list products, create tasks, and poll results. No unrelated services or secrets are requested.
Instruction Scope
ok: SKILL.md and SKILL-DETAIL.md explicitly describe the exact HTTP calls (product list → create → poll) and UX behavior. Instructions do not request access to unrelated files, system configuration, or other credentials. The docs explicitly forbid exposing internal technical details to end users. The runtime scripts follow the documented flow.
Install Mechanism
ok: There is no installer that downloads remote code; this is effectively an instruction-plus-local-scripts skill. The only required binary is python3 and requests is in requirements.txt — proportionate for a Python-based TTS client. No external arbitrary download URLs or archive extraction are present.
Credentials
note: Only one credential is required (IMA_API_KEY) and it is used solely for Authorization to api.imastudio.com per docs and code. Caveat: the skill writes operational logs to ~/.openclaw/logs/ima_skills/ and stores per-user preferences in ~/.openclaw/memory/ima_prefs.json. While SECURITY.md asserts the API key is not written to repo files, user-provided prompt text or other metadata could be recorded in logs depending on runtime logging calls; logs are auto-cleaned after 7 days. Use a scoped/test key if you want to limit exposure.
Persistence & Privilege
ok: The skill requests read/write only to its own preference and log paths under ~/.openclaw which is consistent with storing user preferences and operational logs. always:false and no modifications to other skills or global agent config are requested. Autonomous invocation is enabled by default (normal) but not escalated.