Voice Ai Tts
PendingStatic analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can use your Voice.ai API key to make TTS requests, which may consume account credits or reveal usage to the provider.
The package declares a required Voice.ai API key. This is expected for a Voice.ai TTS integration, but it grants the skill access to the user's Voice.ai account/API quota.
"env": { "VOICE_AI_API_KEY": "required" }, "primary_env": "VOICE_AI_API_KEY"Use a dedicated/revocable API key if possible, keep it in the environment rather than hardcoding it, and monitor Voice.ai account usage.
Any text converted to speech is sent to Voice.ai, and the output file path can create or overwrite a local audio file.
The CLI sends the provided text to the Voice.ai SDK and writes the resulting audio to the selected output path. This matches the TTS purpose, but it is still a network-and-file-writing capability.
if (opts.stream) { await client.streamSpeechToFile({ text: opts.text, voice_id: voiceId }, opts.output); } else { await client.generateSpeechToFile({ text: opts.text, voice_id: voiceId }, opts.output); }Avoid sending confidential text unless you accept Voice.ai processing it, and choose output paths carefully to avoid overwriting important files.