Local TTS
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a coherent local text-to-speech skill, but users should verify third-party package/model sources and treat the privacy/compliance claims as guidance rather than guarantees.
Before installing, use an isolated Python environment, verify the PyPI/Homebrew/Hugging Face sources, and be cautious with medical, legal, financial, or voice-cloning inputs. The tool appears locally focused, but its privacy and compliance statements should not replace your own security review.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill’s recommended dependencies gives third-party packages code execution on the user’s machine.
The skill relies on unpinned third-party packages, including a native-performance package. This is purpose-aligned for local ML inference, but users should verify package provenance and versions.
pip install qwen-tts ... pip install flash-attn --no-build-isolation
Use a virtual environment, install from trusted sources, consider pinning versions, and review model/package provenance before processing sensitive data.
Using the wrapper runs local Python code and model inference on the user’s machine.
The macOS wrapper invokes the local mlx_audio TTS module via subprocess. This is expected for the skill’s purpose and uses an argument list rather than shell execution.
cmd = [sys.executable, "-m", "mlx_audio.tts.generate", "--text", args.text, ...] ... result = subprocess.run(cmd)
Run it in a controlled Python environment and review commands before using it with sensitive input.
Users may overestimate the compliance or supply-chain assurances when using the skill for medical, legal, or financial content.
The privacy/security documentation makes broad compliance and supply-chain safety claims that are stronger than the artifacts alone can prove, especially given third-party package and model downloads.
**Full compliance** - Easier GDPR, HIPAA, CCPA compliance ... Supply chain attacks | No Risk | Yes Minimal dependencies
Treat the privacy documentation as a feature description, not a formal compliance assessment; validate policies, dependencies, and logging before regulated use.
Private text may be visible in local command output or retained wherever the agent or terminal stores logs.
The command being printed includes the user-supplied text argument, so sensitive text can appear in local terminal or agent logs even though processing is local.
print(f"Running: {' '.join(cmd)}")Avoid shared logs for sensitive text, and consider removing or changing command-printing behavior before regulated or confidential use.