v1.0.0

doubao-tts-cn

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 11:31 AM.

Analysis

This appears to be a purpose-aligned Volcengine text-to-speech skill, with expected cautions around API credentials, dependency installation, and sending chosen text/files to Volcengine.

Guidance

This skill is reasonable to install if you intend to use Volcengine TTS. Before installing, make sure you trust the skill package, use a dedicated Volcengine token where possible, run installation from a trusted directory, and avoid sending confidential text unless Volcengine processing and retention are acceptable to you.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
requirements.txt
requests>=2.28.0
python-dotenv>=1.0.0

The skill depends on external Python packages using lower-bound version constraints rather than exact pinned versions. This is common and purpose-aligned, but less reproducible than pinned dependencies.

User impact: A future dependency version from the configured package index could behave differently from the version tested by the author.
Recommendation: Install in a virtual environment and consider pinning dependency versions if using this skill in a sensitive or production workflow.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
install.sh
VOLCENGINE_APP_ID=${APP_ID}
VOLCENGINE_ACCESS_TOKEN=${ACCESS_TOKEN}
EOF
    chmod 600 "$ENV_FILE"

The installer writes the provider app ID and access token to a persistent local config file. This is expected for the Volcengine integration and is protected with file permissions, but it is still sensitive credential material.

User impact: Anyone who obtains this token may be able to use the user's Volcengine speech service account or consume quota.
Recommendation: Use a dedicated/scoped Volcengine token if possible, keep the config file private, avoid sharing terminal output, and rotate the token if it may have been exposed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
scripts/tts.py
req_params["text"] = text
...
response = requests.post(SUBMIT_URL, headers=headers,
                                 data=json.dumps(payload), timeout=30)

The script sends user-provided text or file contents to the Volcengine TTS endpoint. This is central to the skill's purpose and is disclosed, but it means selected content leaves the local machine.

User impact: Private or confidential text included in the input may be processed by Volcengine, and the skill documentation says synthesized audio is stored server-side for a limited time.
Recommendation: Only synthesize content you are comfortable sending to Volcengine, and review Volcengine retention/privacy terms for sensitive material.