Skill v1.0.2
ClawScan security
mmEasyVoice · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 8, 2026, 12:01 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The code and runtime instructions mostly match a MiniMax TTS tool, but registry metadata omits the required API credential and there are privacy-relevant capabilities (voice cloning / audio upload) and incomplete install metadata that warrant caution.
- Guidance
- Key things to consider before installing or running mmEasyVoice:
  - Missing declared credential: The registry metadata omits required environment variables, but SKILL.md and the code require MINIMAX_VOICE_API_KEY. Expect to provide an API key (a secret). Do not provide keys you wouldn’t mind being used by this code; verify the key’s scope and permissions first.
  - Data upload & privacy: Voice cloning and async tasks upload audio/text to the MiniMax service. Do not upload sensitive or private voice recordings you cannot afford to have retained or used to impersonate someone. Ask the service owner (or inspect scripts/utils) what MINIMAX_API_BASE is, what endpoints are used, and the vendor’s retention/privacy policy.
  - Verify endpoints and origin: The code refers to MiniMax platform endpoints (e.g., documentation URLs in the source). Because source/homepage is 'unknown', inspect scripts/utils to confirm MINIMAX_API_BASE resolves to an official vendor domain you trust before running.
  - Install & sandboxing: There is no automatic install step; you must pip install requirements.txt and install FFmpeg yourself. Run the tool in a sandbox or isolated environment first so you can monitor network requests, file writes (audio/tmp directories), and ensure it behaves as expected.
  - Review code areas of interest: Check scripts/utils and any HTTP request wrappers (make_request, get_headers, parse_response) to confirm headers, endpoints, and any logging of secrets. Confirm that the API key is only used for the intended API and not exfiltrated elsewhere.
  - If you are unsure: Do not run it with production or highly privileged API keys. Ask the publisher for a canonical homepage, package signing information, or a source repo so you can verify provenance. If you need help checking the specific utils/make_request implementation, provide that file and I can review it for unexpected network targets or exfiltration behavior.
Review Dimensions
- Purpose & Capability
- note: The skill's name/description (text-to-speech via MiniMax Voice API) align with the provided Python CLI and SDK files (tts, clone, design, audio processing). However, the skill registry metadata lists no required environment variables or primary credential, while the SKILL.md and multiple code files require MINIMAX_VOICE_API_KEY and expect to contact the MiniMax API. That mismatch is an inconsistency to be aware of.
- Instruction Scope
- note: SKILL.md instructs running local scripts (check_environment.py, mmvoice.py) and setting MINIMAX_VOICE_API_KEY; these are appropriate for TTS. The code performs network requests to MiniMax endpoints (create tasks, upload files, download results) and uploads user audio when using cloning or async upload features. SKILL.md does not explicitly call out that voice/audio files will be uploaded to a remote service, nor detail retention/consent, which is important for privacy and risk (voice impersonation) considerations.
- Install Mechanism
- note: There is no install spec in the registry (instruction-only), which reduces supply-chain risk. But the bundle includes requirements.txt and many Python modules; the user must manually install dependencies (requests, websockets, ffmpeg-python) and FFmpeg. The absence of an automated install step is not malicious but is an operational gap the user should notice.
- Credentials
- concern: The package requires MINIMAX_VOICE_API_KEY (SKILL.md and check_environment.py explicitly check for it) but the registry metadata lists no required environment variables or primary credential. This is an important mismatch: installing the skill will require providing a secret API key that was not declared up front. The code also accesses the filesystem (temporary audio dirs) and will upload files to the API when using cloning/design features — these accesses are proportional to the stated purpose but the undeclared credential is a red flag.
- Persistence & Privilege
- ok: The skill does not request always:true, does not claim to auto-enable itself system-wide, and there is no code that appears to modify other skills. It creates/uses local temp directories and saves audio files (normal for its purpose).
