Skill v1.0.0
ClawScan security
bailian-tts · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 6, 2026, 9:32 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to do what it says (call a Bailian TTS CLI), but it omits declaring the required API credential and relies on an unverified npm package that the quick-test script installs globally. Both points are worth investigating before installing.
- Guidance
- This skill looks functionally coherent for TTS but has two practical concerns you should resolve before installing: (1) it requires a BAILIAN_API_KEY at runtime (the SKILL.md and quick-test.sh check for it), but the skill metadata doesn't declare that credential — expect to provide that secret for use; (2) the CLI it invokes is @hackerpl/bailian-cli (no homepage/repo in metadata). Verify the npm package is legitimate: check the package page, repository, maintainer identity, download counts, and review its code (or prefer an officially maintained Alibaba/百炼 client). Note the quick-test script will auto-install the CLI globally if missing — avoid running it on production hosts or run it in an isolated environment/container. Finally, avoid sending highly sensitive text to the TTS service unless you confirm the API key scope and the service's privacy terms.
Review Dimensions
- Purpose & Capability
- concern: The name/description match the instructions: it drives a bailian-cli to produce TTS. However, the skill fails to declare the main runtime credential (BAILIAN_API_KEY is checked/required in SKILL.md and the test script, but requires.env lists none), which is an incoherence between claimed metadata and actual needs.
- Instruction Scope
- ok: Runtime instructions and the included quick-test.sh are limited to checking/installing the CLI, verifying an API key, listing voices, and invoking bailian tts. They do not instruct reading unrelated system files or exfiltrating data. They do offer a base64 output option and default an output folder under ~/.openclaw/media/audio, which is reasonable for TTS workflows.
- Install Mechanism
- concern: There is no formal install spec, but the provided script and instructions run npm i -g @hackerpl/bailian-cli. That is a global install of an npm package with no homepage/repository provided in the skill metadata and no verification of provenance. Installing a third-party global CLI is moderate risk and should be verified (package ownership, source repo, audit of package contents).
- Credentials
- concern: The skill actually requires BAILIAN_API_KEY (and optionally BAILIAN_REGION) for operation, but the skill metadata lists no required env vars or primary credential. Asking for an API key is proportionate for a TTS integration, but the omission in the declared requirements is an inconsistency that reduces transparency. The script also assumes standard HOME/OUT_DIR locations, which is normal.
- Persistence & Privilege
- ok: The skill does not request permanent presence (always:false), does not modify other skills or system-wide agent settings, and does not appear to persist credentials itself. The only system change the instructions suggest is installing a global npm CLI and creating an output directory.
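The Guidance and the Credentials and Install Mechanism dimensions above describe three checks a reviewer can automate before installing a skill like this one: env vars the scripts read but the metadata never declares, commands that change the host (a global npm install, or curl piped to a shell), and an npm manifest that lacks provenance fields or runs install-time lifecycle scripts. The following checker is an added example and is not ClawHub's scanner or the bailian-tts skill's own code. The metadata layout (a requires.env list), the quick-test.sh text and the npm manifest are constructed to reproduce the situation the review describes; the real files may differ.

```python
"""Pre-install checks for an agent skill, modelled on the review findings.

Added example: not ClawHub's scanner and not the bailian-tts skill's own
code. The metadata shape ('requires' -> 'env'), the quick-test.sh body and
the npm manifest below are constructed to mirror the reported situation.
"""
import re

# Constructed: skill metadata that declares no credential, the mismatch the
# Credentials dimension flags.
SKILL_METADATA = {
    "name": "bailian-tts",
    "version": "1.0.0",
    "always": False,
    "requires": {"env": []},
}

# Constructed: a quick-test.sh behaving as the review describes (checks the
# API key, installs the CLI globally if missing, writes under ~/.openclaw).
SKILL_SCRIPTS = {
    "quick-test.sh": r'''#!/usr/bin/env bash
set -euo pipefail
if ! command -v bailian >/dev/null 2>&1; then
  npm i -g @hackerpl/bailian-cli
fi
: "${BAILIAN_API_KEY:?BAILIAN_API_KEY is required}"
REGION="${BAILIAN_REGION:-cn-beijing}"
OUT_DIR="${OUT_DIR:-$HOME/.openclaw/media/audio}"
mkdir -p "$OUT_DIR"
bailian tts --region "$REGION" --out "$OUT_DIR/test.mp3" "hello"
''',
}

# Constructed: the shape of `npm view <pkg> --json` output for the CLI,
# lacking the repository/homepage fields the review says are absent.
NPM_MANIFEST = {
    "name": "@hackerpl/bailian-cli",
    "version": "0.1.0",
    "scripts": {"postinstall": "node scripts/setup.js"},
    "maintainers": [{"name": "hackerpl"}],
}

# Variables the shell or the user's session supplies; not credentials.
BENIGN_ENV = {"HOME", "PATH", "PWD", "USER", "SHELL", "TMPDIR"}
ENV_REF = re.compile(r"\$\{?([A-Z_][A-Z0-9_]*)")
LOCAL_ASSIGN = re.compile(r"(?m)^\s*(?:export\s+)?([A-Z_][A-Z0-9_]*)=")
NPM_GLOBAL = re.compile(r"\bnpm\s+(?:i|install)\s+(?:-g|--global)\s+(\S+)")
CURL_PIPE_SH = re.compile(r"\bcurl\b[^\n|]*\|\s*(?:sudo\s+)?(?:ba)?sh\b")
LIFECYCLE = {"preinstall", "install", "postinstall", "prepare"}


def undeclared_env(metadata, scripts):
    """Env vars the scripts read that requires.env does not declare."""
    declared = set(metadata.get("requires", {}).get("env", []))
    referenced, assigned = set(), set()
    for body in scripts.values():
        referenced.update(ENV_REF.findall(body))
        assigned.update(LOCAL_ASSIGN.findall(body))  # set locally, not inputs
    return sorted(referenced - assigned - declared - BENIGN_ENV)


def risky_install_commands(scripts):
    """Commands that change the host outside the skill's own directory."""
    hits = []
    for name, body in scripts.items():
        for pkg in NPM_GLOBAL.findall(body):
            hits.append((name, "global npm install", pkg))
        for cmd in CURL_PIPE_SH.findall(body):
            hits.append((name, "curl piped to shell", cmd.strip()))
    return hits


def manifest_red_flags(manifest):
    """Provenance gaps and install-time code execution in an npm manifest."""
    flags = []
    for field in ("repository", "homepage"):
        if not manifest.get(field):
            flags.append(f"no {field} field")
    for hook, cmd in manifest.get("scripts", {}).items():
        if hook in LIFECYCLE:
            flags.append(f"lifecycle script {hook}: {cmd}")
    return flags


def review(metadata, scripts, manifest):
    """Aggregate the checks; any finding warrants a manual look."""
    findings = {
        "undeclared_env": undeclared_env(metadata, scripts),
        "install_commands": risky_install_commands(scripts),
        "manifest_flags": manifest_red_flags(manifest),
    }
    verdict = "suspicious" if any(findings.values()) else "clean"
    return {"verdict": verdict, **findings}


if __name__ == "__main__":
    for key, value in review(SKILL_METADATA, SKILL_SCRIPTS, NPM_MANIFEST).items():
        print(f"{key}: {value}")
```

Run against the constructed inputs, the checker reports BAILIAN_API_KEY and BAILIAN_REGION as undeclared, the global install of @hackerpl/bailian-cli, and a manifest with no repository or homepage plus a postinstall hook. Declaring the two variables in requires.env clears the first finding; the install and provenance findings still need the manual verification the Guidance describes (package page, maintainer identity, source repository, reading the package contents) and a disposable environment for the quick-test script.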
