Skill v0.2.5
ClawScan security
Autonoannounce · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 14, 2026, 5:02 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it needs an ElevenLabs API key to synthesize audio, uses local playback backends, writes local config/audio files, and the requested resources match its stated TTS/queue purpose.
- Guidance: This skill appears to do what it says: it will send text to api.elevenlabs.io using the ELEVENLABS_API_KEY and store config and generated audio under the local project (.openclaw/, config/, audio/). Before installing, consider: (1) only provide an ElevenLabs API key with the minimal permissions you need and monitor usage (cost/exfiltration risk); (2) run the scripts manually first in a confined environment or container to verify behavior; (3) be aware the skill may generate and store audio files locally (check audio/earcons/ and .openclaw/); (4) optional env vars exist for retry tuning and mock testing — review scripts if you plan to set those. If you need higher assurance, run the included scripts in a disposable VM/container and audit network flows while exercising the skill.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binaries (python3, curl, local players), and the ELEVENLABS_API_KEY align with a local queued TTS pipeline that sends text to ElevenLabs for synthesis and plays audio locally.
- Instruction Scope (note): Runtime instructions and scripts operate on local config (.openclaw/, config/tts-queue.json, audio/earcons/) and call https://api.elevenlabs.io for synthesis. They do not reference unrelated network endpoints or attempt to read arbitrary system secrets. Note: several optional/test env vars are referenced by scripts (SFX_MAX_RETRIES, SFX_BASE_DELAY_MS, SFX_MAX_DELAY_MS, ELEVENLABS_PREFLIGHT_MOCK, ELEVENLABS_PREFLIGHT_MOCK_SFX_CODES) but these are for retry tuning and mock testing and are not declared in requires.env.
- Install Mechanism (ok): No install spec (instruction-only packaging) — code files are provided but nothing is automatically downloaded from external untrusted URLs. Running the skill will execute local scripts; there is no hidden installer that pulls external archives.
- Credentials (ok): Only ELEVENLABS_API_KEY is required (with optional ELEVENLABS_VOICE_ID and ELEVENLABS_MODEL_ID). This is proportionate for a skill that performs remote TTS. The scripts do send text to ElevenLabs; users should ensure the API key has appropriate scope and be aware of billing/privacy implications.
- Persistence & Privilege (ok): always is false and the skill does not request system-wide privileges. It writes its own config and audio files under the project (.openclaw/, config/, audio/) which is expected behavior for local runtime state.
