Back to skill

Security audit

Tts Responder

Security checks across malware telemetry and agentic risk

Overview

This skill clearly converts text to speech and sends the resulting voice message to Telegram, which matches its stated purpose, but users should treat spoken replies as shared with Telegram.

Install this only if you are comfortable with generated voice replies and the caption text being uploaded to Telegram for the configured chat. Use a limited bot token, verify CHAT_ID carefully, and avoid spoken mode for sensitive conversations unless that external sharing is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly states that generated speech is sent through the Telegram API, but it does not give a clear user-facing warning about the privacy implications of transmitting model output to a third-party platform. This can lead users to enable spoken responses without understanding that potentially sensitive assistant content will be delivered and stored outside the local environment.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The script transmits user-provided content to Telegram without an explicit user-facing disclosure at the moment of transmission. Even though the purpose comments mention Telegram, users invoking a TTS utility may not expect their input text and generated audio to be sent to an external service automatically when environment variables are set, creating a privacy and data-handling risk.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.