ClawHub
Back to skill
v1.0.3

Chanjing Tts Voice Clone

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:38 AM.

Analysis

The skill is coherent for Chanjing voice-clone TTS, but users should notice that it uses local Chanjing credentials, persists tokens, and sends voice/text data to Chanjing.

GuidanceThis appears safe for its stated purpose if you intend to use Chanjing's TTS service. Before installing, make sure you are comfortable storing Chanjing credentials in ~/.chanjing/credentials.json, submitting the reference-audio URL and text to Chanjing, and using only authorized voice material.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
scripts/_auth.py
script = skills_dir / "chanjing-credentials-guard" / "scripts" / "open_login_page.py" ... subprocess.run([sys.executable, str(script)], check=False, timeout=5)

When credentials are missing, this skill may run a helper from a sibling skill rather than only files in its own manifest.

User impactA missing-credentials flow can execute the sibling login helper if it exists locally, so that helper's provenance matters too.
RecommendationInstall or keep the sibling credentials-guard skill only from a trusted source, or review that helper before relying on the automatic login-page flow.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusNote
scripts/_auth.py
CONFIG_FILE = CONFIG_DIR / "credentials.json" ... data["access_token"] = new_token ... data["expire_in"] = d.get("expire_in") ... write_config(data)

The skill reads Chanjing account credentials from a local credentials file and writes refreshed access-token fields back to disk.

User impactUsing the skill lets it act through the user's Chanjing API account, and refreshed token material remains stored locally.
RecommendationUse only with a Chanjing account you intend to connect, keep credentials.json private, do not commit it to source control, and verify any CHANJING_API_BASE override before use.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityMediumConfidenceHighStatusNote
SKILL.md
user-supplied public URL for reference audio (Chanjing servers fetch it); then synthesize and download from API-returned URLs

The skill clearly discloses that user voice-reference data and generated output handling involve Chanjing's external service.

User impactReference voice URLs and synthesis text may be processed by Chanjing, and generated audio may be available through provider-returned URLs.
RecommendationOnly use audio and text you are allowed to submit to Chanjing, avoid sensitive material unless acceptable under the provider's terms, and ensure the reference URL is intentionally public.