Ms Speech Synth

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform its stated text-to-speech job, with privacy and dependency-installation cautions users should understand.

Install only if you are comfortable sending the text you select to Microsoft/Edge TTS for synthesis. Avoid confidential or regulated documents unless that external processing is approved, review folder inputs before batch mode, and install ffmpeg from a trusted verified source rather than an unspecified downloaded zip.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 93% confidence
Finding: The skill documents file reading and shell execution behaviors (Python script invocation, package installation, ffmpeg usage) but does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: users or platforms may allow the skill without understanding that it can access local files and invoke external commands.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill sends user-provided text to Microsoft's Edge TTS service over the network, but the description does not clearly warn users that their content leaves the local environment. This is a privacy issue, especially if users synthesize sensitive notes, documents, or folder contents in batch mode.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill sends user-supplied text to Microsoft's Edge TTS service via edge_tts without an explicit privacy warning, consent step, or documentation that content leaves the local environment. If users provide sensitive text, this can cause unintended disclosure of private, regulated, or proprietary data to an external service.

External Transmission

Medium

Category: Data Exfiltration
Content: |------|------|------| | `edge-tts` | `pip3 install edge-tts` | 微软 TTS 引擎 | | `miniaudio` | `pip3 install miniaudio` | MP3 解码为 PCM | | `ffmpeg` | `curl -L .../ffmpeg.zip -o /tmp/ffmpeg.zip && unzip /tmp/ffmpeg.zip -d /tmp/ffmpeg_bin` | WAV 转 MP3、BGM 混音 | ## 速率限制（Rate Limit）
Confidence: 91% confidence
Finding: curl -L .../ffmpeg.zip -o /tmp/ffmpeg.zip && unzip /tmp/ffmpeg.zip -d

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal