Skillv1.0.0

ClawScan security

Voice TTS · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 15, 2026, 6:30 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is coherent with its stated purpose (using edge-tts to generate Chinese TTS and returning a file path) and does not request unrelated credentials or install arbitrary remote code; the only minor mismatch is metadata not declaring the required edge-tts binary.
Guidance: This skill appears to do what it claims: it calls the edge-tts tool to generate audio files and returns a path for sending. Before installing/using: 1) be prepared to install edge-tts (pipx or pip) — installing PyPI packages executes third-party code and requires internet access; review the edge-tts package/source if you want full assurance. 2) Note the metadata omitted the required binary; ensure edge-tts is present on the host. 3) The script creates files under ~/.openclaw/media — ensure you are comfortable with that directory and clean up temporary files as needed. 4) The wrapper prompts interactively for very long texts which can hang non-interactive agents; if you intend to run headless, remove or modify the interactive prompt. 5) If you need higher assurance, inspect the edge-tts package and confirm network policies (edge-tts will contact external services to synthesize voices).

Review Dimensions

Purpose & Capability: noteThe SKILL.md and scripts implement exactly what the description promises: calling edge-tts to produce opus files and returning a path for the agent to send. However the registry metadata listed no required binaries while the runtime clearly requires the edge-tts executable (the README explains how to install it). This is a documentation/metadata omission rather than functional misdirection.
Instruction Scope: okInstructions and the script stay within TTS scope: they generate audio files in ~/.openclaw/media and print the path. The script does not read unrelated system files or environment variables, nor does it transmit data to external endpoints itself (network access happens via edge-tts). Note: the script prompts interactively when input is >1000 chars which can block non-interactive agents.
Install Mechanism: okThere is no packaged install spec; the README recommends installing edge-tts via pipx/pip. This is standard and does not pull arbitrary binaries from untrusted URLs. Installing a Python package does execute code from PyPI—normal but something to audit/accept before installing.
Credentials: okThe skill requests no secrets or environment variables. It writes to and creates ~/.openclaw/media, which is appropriate for storing generated media. No unrelated credentials or config paths are requested.
Persistence & Privilege: okThe skill is not always-enabled and does not modify other skills or global agent configuration. It only creates/uses its own media directory under the user's home.