ClawHub

Windows TTS Notification

v1.0.0

Push text notifications to Windows Azure TTS service for audio broadcast via Bluetooth speakers. Perfect for family reminders, alarms, and announcements.

0· 179·1 current·1 all-time
by@cmosakg
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match implementation: the plugin provides tts_notify, tts_get_status, tts_list_voices, tts_set_volume that POST/GET JSON to a configurable Windows TTS HTTP server (baseUrl). No unrelated capabilities (cloud management, AWS, Git access, etc.) are requested.
Instruction Scope
SKILL.md instructs administrators to add plugin config to OpenClaw and shows heartbeat/cron examples. Those examples reference editing files under /home/cmos/.openclaw and adding cron jobs — this is documentation/sample configuration, not behavior performed by the plugin code. Recommend verifying any publish/install scripts (publish.sh) before running so they don't modify system files unexpectedly.
Install Mechanism
No install spec in registry; source includes TypeScript and compiled dist/ JS. There are no external downloads, package installs at install-time specified here. Build/install is standard npm build noted in docs. No extract-from-URL or untrusted remote installs detected.
Credentials
Skill declares no required environment variables, no primary credential, and its config model only needs a user-provided HTTP URL and optional defaults (voice/volume/timeout). That is proportional to the purpose.
Persistence & Privilege
Skill does not request always:true, does not declare system-wide config paths or secret access. It registers tools via the OpenClaw API as expected for a plugin. No indications it modifies other skills or agent-wide credentials.
Assessment
This skill appears coherent and limited to sending JSON to a configured Windows TTS HTTP server on your LAN. Before installing: 1) Verify the Windows TTS server URL you provide is trusted and reachable only by devices you control (the skill will POST arbitrary text to that endpoint). 2) Inspect publish.sh and any npm scripts in package.json before running them — the documentation contains sample file paths (/home/cmos/.openclaw/...) and claims to have added cron/heartbeat entries, which are examples that a maintainer or install script could perform; confirm you are comfortable with any file changes. 3) Ensure OpenClaw's plugin config is set intentionally (do not point the plugin to external/untrusted endpoints). 4) If you need higher assurance, review the small JS/TS files (dist/ and src/) — they only use fetch for the configured baseUrl and perform no hidden network calls or credential exfiltration.

Like a lobster shell, security has layers — review code before you run it.

azurevk979n8ch6m69d1mmka9ssc3jts82zs98broadcastvk979n8ch6m69d1mmka9ssc3jts82zs98latestvk979n8ch6m69d1mmka9ssc3jts82zs98notificationvk979n8ch6m69d1mmka9ssc3jts82zs98remindervk979n8ch6m69d1mmka9ssc3jts82zs98ttsvk979n8ch6m69d1mmka9ssc3jts82zs98windowsvk979n8ch6m69d1mmka9ssc3jts82zs98

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔊 Clawdis

Comments