ClawHub

Multi Edge Tts Cn

Security checks across malware telemetry and agentic risk

Overview

The skill’s news-to-audio purpose is coherent, but it needs review because it can send text to outside speech/model services and may overwrite files through loosely controlled output paths.

Review before installing. Use it only for non-sensitive news topics, avoid confidential scripts or private business text, and keep output paths inside a dedicated workspace folder. Be aware it may use configured model/TTS providers and could overwrite files if directed to an unsafe path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
# AMR 格式需要 8kHz 采样率
    sample_rate = "8000" if ext == ".amr" else "48000"

    result = subprocess.run(
        [
            "ffmpeg", "-y", "-i", mp3_path,
            "-ar", sample_rate, "-ac", "1",
Confidence
86% confidence
Finding
result = subprocess.run( [ "ffmpeg", "-y", "-i", mp3_path, "-ar", sample_rate, "-ac", "1", *codec_args, "-loglevel", "error", ou

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The function claims to validate that output stays in approved directories, but in reality it always returns `True` after printing a warning. In this skill context, the agent may pass user-influenced output paths, so this mismatch enables arbitrary file write/overwrite behavior rather than the documented restriction.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill says it requires network access, but it does not clearly disclose that user-provided text is sent to Microsoft's Edge TTS service for processing. Users may unknowingly submit sensitive or regulated content to a third-party service, causing privacy, compliance, or data-handling issues.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The skill sends user-supplied text to Microsoft's Edge TTS service over the network, but the code does not provide an explicit privacy warning or consent gate. In an agent setting, users may assume local processing; transmitting arbitrary prompt content can expose secrets, personal data, or confidential business text to a third-party service.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal