ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

senseaudio-voice-ab-lab

v1.0.1

Use when a team wants to generate multiple ad, spoken-copy, sales, or promo voice variants from one typed or spoken creative brief, transcribe voice memos wi...

0· 138·0 current·0 all-time
byWu Ruixiao@kikidouloveme79
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
Name/description (generate A/B voice variants, transcribe briefs) matches the code's core behavior. However the registry metadata claims no required environment variables or config paths, while the scripts clearly use SENSEAUDIO_API_KEY, optionally SENSEAUDIO_PLATFORM_TOKEN, SENSEAUDIO_ASR_MODEL, and rely on local config (audioclaw_paths.get_config_path/get_workspace_root) and a Feishu helper to fetch tenant tokens. Those credentials and config access are expected for the stated purpose, but the metadata omission is a coherence problem that could mislead users about what secrets/config are needed.
!
Instruction Scope
SKILL.md instructs the agent to save user audio, run ASR, build variants, synthesize via SenseAudio TTS, and (optionally) send audio into Feishu. The code implements exactly that. Concerns: (1) the SKILL.md and agent prompt encourage automatically sending variants to Feishu when the user asks to '试听/发语音/飞书', which will post user audio to an external chat service; (2) scripts read local config and helper modules (audioclaw_paths, _shared/*, feishu sender) that are not listed in the metadata; (3) scripts call system tools (ffmpeg, afinfo) and run subprocesses. These actions are within the stated purpose but expand the skill's access surface and require explicit credentials/config that are not declared.
Install Mechanism
No install spec (instruction-only) and all bundled code is local. There are no remote downloads in the install. That lowers supply-chain risk. However the package depends on helper modules in a parent _shared directory and on local environment/tooling (ffmpeg, afinfo), so runtime failures or implicit path traversal may occur if the expected repository layout isn't present.
!
Credentials
Registry shows 'no required env vars', but the code uses and/or checks: SENSEAUDIO_API_KEY (default for TTS/ASR open API), SENSEAUDIO_PLATFORM_TOKEN (platform upload mode), SENSEAUDIO_ASR_MODEL, and expects Feishu app_id/app_secret via a feishu config loaded from get_config_path(). The skill will fetch tenant tokens and upload audio to Feishu and post to SenseAudio endpoints (https://api.senseaudio.cn and https://platform.senseaudio.cn). Requesting these secrets is reasonable for the described functionality, but the metadata omission is misleading and increases risk if users supply broad-scoped credentials without understanding where they go.
Persistence & Privilege
This skill is not always:true and is user-invocable; it does not request persistent platform privileges. It can be invoked autonomously (default allowed) which is normal for skills; combine that with the credential/config mismatches above if you want extra caution, but there is no evidence it modifies other skills or system-wide settings.
What to consider before installing
This skill performs the advertised tasks but the package metadata understates what it needs. Before installing or running it: 1) Expect to provide a SenseAudio API key (SENSEAUDIO_API_KEY) and possibly a SENSEAUDIO_PLATFORM_TOKEN for platform uploads; the skill will call https://api.senseaudio.cn and https://platform.senseaudio.cn. 2) If you want Feishu delivery, the skill expects Feishu app credentials/config (app_id/app_secret) accessible via its local config path — review where those are stored and how tenant tokens are fetched. 3) Review the missing shared helpers (audioclaw_paths, senseaudio_env, senseaudio_api_guard, feishu_audio_sender) before trusting runtime behavior — they may be in a parent repo in expected deployments but are not included in the manifest. 4) Limit API key scopes and use test/isolated credentials first; avoid giving production-wide keys until you audit the code paths. 5) Be aware the scripts will transcode (ffmpeg) and may call system utilities (afinfo); run in an environment where those binaries are safe and available. 6) If you need a definitive safety assessment, ask the publisher for corrected metadata listing required env vars and for the missing _shared modules, or run the skill in an isolated container and observe network endpoints it contacts.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e0z83zjepx89f4kr2y2enpx83czcr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments