Kokoro TTS

The skill is designed to generate speech using a configurable Kokoro TTS API. It makes a network POST request to the API_URL (defaulting to localhost) with user-provided text, voice, and speed, then saves the resulting audio to a local 'media' directory. There is no evidence of prompt injection in SKILL.md, malicious execution (user input is JSON-encoded, not executed), data exfiltration beyond sending the requested text to the configured TTS endpoint, or persistence mechanisms. All file and network operations are directly aligned with the stated purpose of a text-to-speech skill.