Skill v1.0.0

ClawScan security

speaker-local · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious (Mar 2, 2026, 2:04 PM)

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's purpose (local TTS) matches its instructions, but the runtime instructions require downloading and running binaries (and an installer) not declared in the manifest, so the package metadata and runtime behavior are inconsistent and merit caution.
Guidance
This skill appears to be a wrapper for the third-party Kokoro TTS CLI and requires downloading model files and installing a tool, but the registry metadata omits those runtime requirements. Before installing or using:

1) verify the kokoro-tts project and release assets on GitHub are the genuine upstream (owner nazdridoy) and inspect release checksums if available;
2) confirm what 'uv tool install kokoro-tts' actually does (review its code or use a manual install) — unknown installers can run arbitrary commands;
3) ensure required runtime binaries (kokoro-tts, Python 3.9–3.12, wget or equivalent) are present and declared in metadata;
4) avoid running installers or executing downloaded model files from untrusted sources;
5) if you need higher assurance, request the skill author add explicit required-binaries and an install spec (or provide vetted package URLs / checksums).

If you cannot verify the installer and release assets, treat the skill as untrusted.

Review Dimensions

Purpose & Capability
ok: Name/description (local TTS via Kokoro) match the instructions: examples and reference describe a CLI kokoro-tts and model files needed to convert text/epub/pdf to audio.
Instruction Scope
concern: SKILL.md tells the agent to install kokoro-tts (via 'uv tool install kokoro-tts') and to wget model files from GitHub releases into the working directory. The instructions reference using kokoro-tts, wget, and Python (3.9–3.12) at runtime, but the skill metadata does not declare these requirements. Downloads and saving model binaries to disk are explicitly required and could install/execute third-party code.
Install Mechanism
note: No install spec in registry metadata, but the instructions call out 'uv tool install kokoro-tts' and direct downloads from GitHub release URLs (github.com/nazdridoy/kokoro-tts/releases/...). GitHub releases are a reasonable host, but 'uv tool install' is an unspecified installer; without knowing what that installer does, there's moderate risk. The downloads are direct model/binary assets (onnx, .bin) — no archive extraction specified.
Credentials
ok: The skill requests no environment variables or credentials, which is appropriate for local TTS. However, the metadata's omission of required runtime tools (kokoro-tts, wget, python) is an inconsistency to address.
Persistence & Privilege
ok: always:false and no declared installs that modify other skills or system-wide config. The skill instructs placing model files in the working directory (normal for local models) but does not request persistent elevated privileges.