MLX TTS

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local text-to-speech skill, with the main cautions that setup installs external tools and broad triggers may invoke it more easily than expected.

Install this only if you are comfortable allowing setup to install or update ffmpeg, uv, and mlx-audio from external package sources. Prefer explicit invocations like /mlx-tts when using it, and remember that text sent to the skill is rendered into an audio file and sent back through the message tool.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger set includes very generic phrases like "Say <text>", "TTS ...", and "Reply with voice message ...", which can overlap with normal conversation and common assistant requests. This increases the chance the skill is invoked unintentionally or preempts other safer/more appropriate skills, causing unexpected local command execution and message sending behavior.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The installer automatically invokes Homebrew and uv to install software without any prompt, warning, or validation. This can cause unintended system changes and executes code fetched from external package sources, which is risky in an agent-skill context where users may not expect installation side effects during setup.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal