Chat With Anyone
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is mostly transparent about cloning or designing voices, but it handles sensitive voice/image data and one helper can send the Noiz API key to an arbitrary API URL if that option is used.
Install only if you are comfortable with a voice-cloning workflow that downloads public speech, calls the Noiz API, uploads selected images for voice design, and stores generated voice artifacts locally. Do not use it for deception or private non-consenting people. Prefer using the default Noiz endpoint only, and be cautious about any request or prompt that asks the agent to change the API base URL.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or mistaken API URL could receive the user's Noiz API key along with the selected image and voice description.
The helper accepts an arbitrary base URL and sends the loaded Noiz API key in the Authorization header to that URL. The normal workflow only needs the Noiz endpoint, so this creates an avoidable credential-boundary risk if the option is influenced by a prompt or user input.
parser.add_argument("--base-url", default=DEFAULT_BASE_URL)
...
url = f"{base_url.rstrip('/')}/voice-design"
...
requests.post(url, headers={"Authorization": api_key}, data=data, files=files, timeout=timeout)Remove the base-url override for normal use, restrict it to an allowlisted Noiz domain, or require explicit user confirmation before sending credentials to any non-default endpoint.
Synthetic voice output could be misused or misunderstood as a genuine recording if not clearly labeled.
The skill's core purpose is real-person voice imitation. It does include disclosure and refusal rules, which makes this purpose-aligned rather than deceptive, but the generated audio still carries impersonation and trust risks.
Clone a real person's voice from online video, or design a voice from a photo, then roleplay as that person with TTS. ... Inform the user that generated audio is synthetic and should not be presented as genuine recordings.
Use only with consent or clearly permissible public-figure/parody contexts, keep the synthetic-audio disclosure with every output, and refuse deceptive, harassing, or defamatory requests.
Images and voice descriptions used for voice design leave the local environment and are processed by the provider.
The image-based workflow uploads the selected image and voice description to the Noiz API. This is expected for the feature, but it sends potentially sensitive user-provided media to an external provider.
files = {"picture": (p.name, p.open("rb"), "image/jpeg")}
...
requests.post(url, headers={"Authorization": api_key}, data=data, files=files, timeout=timeout)Confirm with the user before uploading private images, avoid sensitive photos, and review the provider's privacy terms.
Setup may fail or pull a dependency version the user did not review.
The skill depends on external binaries, another skill, and an unpinned package install command. These dependencies are purpose-aligned, but they are not captured by an install spec in the supplied artifacts.
| `ffmpeg` | System binary | | `yt-dlp` | System binary | | `tts` skill | Cursor skill | ... uv pip install yt-dlp
Declare required binaries and skill dependencies in metadata/install specs, and pin package versions or document trusted installation sources.
Reference clips, generated replies, and voice IDs may remain on disk and be reused later.
The workflow stores and reuses generated/reference voice artifacts across subsequent messages. This persistence is disclosed and useful, but the retained files may represent sensitive voice-imitation material.
Present the generated audio file to the user along with the text. For subsequent messages, reuse the same `--ref-audio` path.
Store outputs in a clearly scoped directory, tell users where they are kept, and provide cleanup instructions for deleting voice artifacts after the session.