Qwen3 Tts Mlx
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill coherently implements local text-to-speech, but users should notice its voice-cloning capability and unpinned external install/model dependencies.
This appears safe for local TTS use. Before installing, make sure you trust the Python/Homebrew packages and the referenced MLX models, and only use the voice-cloning mode with authorized reference audio.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings for this skill version.
- Malicious
- 0
- Suspicious
- 0
- Harmless
- 0
- Undetected
- 65
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Generated speech could be used to imitate someone’s voice if a reference sample is provided.
Voice cloning is a disclosed core feature, but it can create audio that listeners may mistake for a real person.
Clone any voice from a short audio sample
Use voice cloning only with permission, label synthetic audio when appropriate, and avoid impersonation or deceptive use.
The local toolchain depends on external packages and models whose exact versions are not fixed in the artifact.
The setup uses unpinned external package/tool installs rather than a locked install specification.
pip install mlx-audio brew install ffmpeg
Install from trusted package sources, consider pinning versions, and review the model/package provenance before use.