Windows TTS Notification

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends text to a configured Windows TTS server for spoken announcements, with privacy cautions around network transmission and audible playback.

Install only if you trust the Windows TTS server and the local network. Avoid sending secrets, private health details, financial information, or embarrassing messages, because the text may cross the network over HTTP and be spoken where others can hear it. Prefer a trusted LAN, authenticated or encrypted transport where available, and neutral wording for scheduled reminders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 95%
Finding:
The skill clearly depends on network access to send text to a Windows-hosted TTS server, yet the metadata declares no required permissions/capabilities. This creates a transparency and trust problem: users or hosting platforms may underestimate that the skill can transmit user-provided content over the network to another device/service on the LAN.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The documentation encourages use of the TTS function without warning that message contents are sent over the network to a Windows host at 192.168.1.60:5000. This can lead users to transmit sensitive reminders or personal information without informed consent, especially in a household/agent automation context where messages may include health or family details.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The guide instructs users to send notification text to a TTS server over plain HTTP without mentioning that the content is transmitted unencrypted on the local network. If the text includes sensitive reminders or personal information, it could be intercepted by anyone with access to the network segment or logged by intermediate systems.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The publishing summary promotes LAN-wide voice broadcast use cases such as family reminders and smart-home announcements, but it does not warn about privacy, unintended disclosure, or misuse in shared environments. In a TTS broadcast skill, this omission can lead users to send sensitive content over speakers audible to unintended listeners, increasing the risk of information exposure or harassment-by-announcement scenarios.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding:
The skill documentation promotes reminders and announcements but does not prominently warn that message contents are sent over plain HTTP to a Windows TTS server and then played aloud on connected speakers. This can expose sensitive or embarrassing content through network interception on untrusted LANs and through unintended audible disclosure to anyone within hearing range.

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding:
The client sends TTS text content directly to a configured remote URL via fetch, and there is no enforcement that the URL uses HTTPS or any indication to callers that potentially sensitive spoken content may transit the network. In this skill context, notifications may contain private household reminders or announcements, so plaintext transport or silent remote transmission increases confidentiality risk, especially on untrusted networks.

Missing User Warnings

Severity: Medium
Confidence: 82%
Finding:
The tool forwards arbitrary user-provided text directly to a Windows/Azure TTS service for audible broadcast, but the function itself provides no consent, confirmation, destination disclosure, or sensitivity checks before speaking content aloud. In this skill’s context, that creates a real privacy and safety issue because messages may be transmitted to a remote service and broadcast over Bluetooth speakers where nearby people can overhear sensitive or deceptive content.

VirusTotal

66/66 vendors flagged this skill as clean.