Text To Speech

Pass

Audited by VirusTotal on May 5, 2026.

Overview

Type: OpenClaw Skill
Name: dinghaibin-text-to-speech
Version: 1.0.0

The skill is a straightforward text-to-speech utility that uses the legitimate gTTS library or the macOS 'say' command. Analysis of scripts/tts.py shows safe use of the subprocess module without shell execution, and no evidence of data exfiltration, malicious instructions, or suspicious network activity was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the gTTS path may require installing a package from PyPI, so the package source and version matter.

Why it was flagged

The script depends on an optional third-party package that is not declared in the install metadata and is not version-pinned, although it is clearly related to the skill's purpose and is not automatically installed.

Skill content

from gtts import gTTS ... print("gTTS not installed. Run: pip install gtts")

Recommendation

Install gTTS deliberately from a trusted environment, consider pinning a version, and review dependency policy if using this in a managed workspace.

What this means

Text submitted for speech generation may be processed outside the local machine if gTTS is used, which matters for confidential content.

Why it was flagged

The user's text is handed to the gTTS library for conversion. The artifacts do not describe the external data boundary or privacy implications in SKILL.md.

Skill content

tts = gTTS(text, lang=lang)
tts.save(output)

Recommendation

Avoid converting sensitive text with this skill unless you are comfortable with the gTTS provider path, or use a fully local TTS engine instead.

What this means

On macOS, the skill may run the local speech synthesis command and write an audio file to the requested output path.

Why it was flagged

The script can invoke the local macOS 'say' command as a fallback. It uses fixed argument lists without shell=True and is aligned with text-to-speech functionality.

Skill content

subprocess.run(['say', '-o', output.replace('.mp3', '.aiff'), text], check=True)

Recommendation

Use normal caution with output paths and review generated files, but this local command use is expected for the skill's purpose.