Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
fishaudio-tts
v1.0.1
Text-to-Speech using FishAudio (fish.audio), generates natural human-like voice with great emotional expression.
by zorro @izorro
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The description is a FishAudio TTS client, which is coherent with the included Python script. However the registry metadata declares no required environment variables or config paths while the code clearly needs a FishAudio API key (FISH_AUDIO_API_KEY) and also attempts to read ~/.openclaw/workspace/TOOLS.md for an API key. That mismatch (undisclosed credential requirement and file access) is disproportionate to the claimed metadata.
Instruction Scope
SKILL.md tells users to put their API key in an env var or TOOLS.md, but the runtime instructions in the included script explicitly read ~/.openclaw/workspace/TOOLS.md (searching for 'fish'/'api'/'key') and also look for a specific local proxy string (127.0.0.1:7890). Reading a user workspace file was not declared in metadata and expands the scope of data the skill touches; while the code only parses for a key/proxy, it still reads an undeclared local file.
Install Mechanism
No install spec; this is an instruction-only skill with a single Python script that uses the widely used requests library. There are no remote downloads or archives, and the SKILL.md suggests 'pip install requests' only. Install risk is low.
Credentials
The skill actually requires an API key (FISH_AUDIO_API_KEY) even though the registry lists none. It also reads a local TOOLS.md for the key and proxy configuration. Requiring access to an undeclared user file and a secret is disproportionate to what the metadata claims and should be explicitly declared. The script does not request unrelated cloud creds, but the missing declaration and file read are notable.
Persistence & Privilege
The skill does not request 'always' presence and does not modify other skills or system-wide settings. It writes generated audio files to user-specified paths (expected behavior) and has no special persistence or elevated privileges.
What to consider before installing
This skill appears to be a straightforward FishAudio TTS client, but be aware of two issues before using it: (1) the registry metadata does NOT declare that the script needs an API key, yet the code requires FISH_AUDIO_API_KEY (or will try to extract one from ~/.openclaw/workspace/TOOLS.md). (2) the script reads that specific TOOLS.md file (and checks it for a proxy string), which could contain other secrets you didn't intend to expose. Recommendations: inspect the fish_tts.py source yourself (it is included) and only run it if you trust it; prefer setting the API key via an environment variable rather than storing it in TOOLS.md; verify that ~/.openclaw/workspace/TOOLS.md doesn't contain any other sensitive tokens before allowing the skill to read it; run the script in an isolated environment or sandbox and monitor network requests to ensure it calls the expected https://api.fish.audio endpoint. If you are uncomfortable with undeclared file access, ask the publisher to update the metadata to declare the required env var and config path (or remove implicit TOOLS.md parsing).
Like a lobster shell, security has layers — review code before you run it.
