Skill v1.0.0
ClawScan security
speaker-local · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 2, 2026, 2:06 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only wrapper that tells the agent how to run a local Kokoro TTS CLI and download model files from GitHub; its requests and instructions match its stated purpose and do not ask for unrelated secrets or privileges.
- Guidance
- This skill appears coherent and limited to running a local Kokoro TTS CLI. Before installing or running anything: (1) verify the GitHub release URLs point to the official kokoro-tts repo and check release signatures/SHA256 if available; (2) inspect the installer `uv` (what it is and where it comes from) before running `uv tool install kokoro-tts`; (3) run the tool and downloaded model files in a sandbox or VM if you are unsure; (4) confirm you have sufficient disk space and the required Python version; and (5) review the kokoro-tts project's license and privacy/security notes if you will process sensitive text. These checks will reduce risk from running downloaded binaries or large model files.
Review Dimensions
- Purpose & Capability
- ok: Name/description (local TTS) align with the instructions: the SKILL.md shows how to run kokoro-tts, which voices and options to use, and how to obtain model files. Nothing requested (no env vars, no unrelated binaries) appears out of scope for providing text-to-speech.
- Instruction Scope
- ok: Runtime instructions are narrowly scoped to installing/using kokoro-tts and downloading two model files; they do not instruct reading arbitrary system files, accessing credentials, or exfiltrating data. Commands shown are specific (kokoro-tts, wget) and limited to TTS-related tasks.
- Install Mechanism
- note: This is instruction-only (no install spec). The SKILL.md directs the user to run `uv tool install kokoro-tts` and to wget model files from GitHub releases. GitHub release URLs are a common/expected source; however, the installer `uv` is not explained (unknown tool) and the instructions do download/extract model blobs into the working directory — user should verify the provenance and checksums of those release artifacts before running them.
- Credentials
- ok: No environment variables, credentials, or config paths are required. The skill does not request unrelated secrets or broad environment access; asking for model files in the working directory is proportional to running a local TTS.
- Persistence & Privilege
- ok: Skill does not request persistent presence (always=false) and includes no instructions to modify agent-wide settings or other skills. Autonomous invocation is allowed by default but is not combined with other concerning privileges.
