Pocket TTS Complete Documentation

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Pocket TTS skill whose higher-risk examples are disclosed and aligned with its text-to-speech purpose.

Install this if you want Pocket TTS documentation available to your agent. Before running examples:
  • verify the external pocket-tts package, and prefer pinned versions in controlled environments;
  • use only voices you own or have permission to clone;
  • treat remote voice/model URLs as trusted-input decisions;
  • keep any server bound to localhost unless it is secured;
  • protect generated safetensors, because they can enable later voice reuse.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 87%
Finding:
The README says the skill triggers automatically for broad topics like text-to-speech, voice cloning, and streaming audio generation without defining tighter boundaries. In an agent ecosystem, overly broad trigger criteria can cause the skill to activate in unrelated conversations, increasing the chance of unnecessary context injection, mistaken tool selection, or exposure to sensitive prompts that were not intended for this documentation skill.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The skill prominently advertises voice cloning and third-party voice use but provides no warning about consent, impersonation, or misuse of someone else's audio. In a TTS skill, this omission increases the chance of harmful or deceptive use because users are explicitly encouraged to clone voices from short samples and remote repositories.

Missing User Warnings

Severity: Low
Confidence: 80%
Finding:
The documentation instructs users to start a FastAPI server and even change host/port, but it does not warn that binding to broader interfaces could expose generated content or cloned-voice capabilities to other users on the machine or network. While this is not an exploit by itself, the omission can lead to unintended access in environments where local services are reachable by others.

VirusTotal

66/66 vendors flagged this skill as clean.
