ClawHub

Volcengine TTS Audio Synthesis

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Volcengine text-to-speech skill that sends user-chosen text to the provider and saves generated audio locally.

Install only if you are comfortable sending synthesis text to Volcengine/ByteDance. Keep VOLCENGINE_TTS_TOKEN private, avoid placing secrets in request JSON or shared output directories, keep .env out of version control, and consider pinning requests for reproducible installs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documentation instructs use of environment variables, local file reads/writes, and outbound network access, but does not declare those permissions explicitly. This creates a mismatch between what the skill can do and what a reviewer or runtime policy may expect, increasing the risk of unintended credential exposure, filesystem modification, or external data transmission. In context, these capabilities are expected for a TTS provider integration, which makes the behavior less suspicious than in an unrelated skill, but the lack of declaration is still a real security control gap.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The script transmits user-provided text and service credentials to an external vendor API, but the runtime behavior is not prominently disclosed to the user beyond code comments and metadata. In agent or automation contexts, users may provide sensitive text without realizing it will leave the local environment and be processed by a third party.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal