fishaudio-tts

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward FishAudio text-to-speech helper, with a documented but broader-than-ideal fallback that reads TOOLS.md for proxy and API-key setup.

Install only if you are comfortable sending the text you synthesize to FishAudio and using a FishAudio API key for those requests. Prefer --api-key or FISH_AUDIO_API_KEY instead of storing secrets in a broad TOOLS.md file, and choose output paths deliberately because the script will create directories and write the MP3 there.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium (92% confidence)
Finding
The skill reads a general local workspace file (~/.openclaw/workspace/TOOLS.md) to infer proxy settings and discover API credentials, which exceeds the minimum access needed for TTS. That broad file access can unintentionally ingest unrelated secrets or configuration data from the user's workspace without explicit consent.

Missing User Warnings

Medium (95% confidence)
Finding
The code reads a potentially sensitive local configuration file to extract an API key without a clear user-facing disclosure at runtime. This can surprise users, create unnecessary secret exposure paths, and normalize secret storage in broad workspace documents rather than dedicated secret stores.

VirusTotal

66/66 vendors flagged this skill as clean.
