Skill v1.0.0

ClawScan security

CosyVoice3 macOS · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 17, 2026, 12:10 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (local CosyVoice3 TTS on macOS Apple Silicon); it downloads models and installs dependencies from public sources and does not request unrelated credentials or suspicious system access.
Guidance
This skill appears coherent with its stated purpose, but review and consider the following before installing: (1) It will download and install Miniconda, many pip packages, and ~2GB of model files from the internet (GitHub, PyPI, ModelScope). Ensure you trust the FunAudioLLM repo and are comfortable with network downloads and disk use. (2) The scripts use hard-coded paths (/Users/lhz/.openclaw/…); update them to your environment before running. (3) FastAPI/Gradio are installed (likely for demos); avoid running any web servers unless you intend to expose them. (4) Run the installer in a sandboxed environment or isolated conda environment if you want to limit system impact, and inspect repository code (especially any demo/example scripts) before launching. No credentials or secret exfiltration were requested or found in the provided files.
Findings
[uses_modelscope_snapshot_download] expected: snapshot_download is used to fetch pretrained models (expected for a model-driven TTS skill). This performs network downloads but doesn't require credentials for public models.
[downloads_miniconda_via_curl] expected: install.sh downloads Miniconda from repo.anaconda.com to provide a Python environment — expected, coming from an official host.
[git_clone_github_repo] expected: The installer clones FunAudioLLM/CosyVoice from GitHub — expected for installing the project source.
[pip_installs_many_packages] expected: A number of Python packages (torch, torchaudio, fastapi, gradio, etc.) are installed. This aligns with running a local TTS model and demo servers; however, web frameworks are installed and could host a UI if started.

Review Dimensions

Purpose & Capability
ok: Name/description (local CosyVoice3 TTS) align with the included files: installer, downloader, and CLI TTS script. The model download, conda env, and Python deps are reasonable for running a local TTS model.
Instruction Scope
note: SKILL.md and scripts instruct the agent/user to run install.sh, clone the CosyVoice repo, install many Python packages, and download models. All of these are relevant, but instructions use hard-coded workspace paths (/Users/lhz/.openclaw/...) which are environment-specific and may need adjustment before running. The instructions perform network downloads (git clone, pip, modelscope snapshot_download) — expected for this purpose.
Install Mechanism
note: There is no separate install spec in registry, but the included install.sh performs network installs: Miniconda installer from repo.anaconda.com, git clone from GitHub, many pip installs from PyPI, and models downloaded via modelscope. These are standard but do execute remote code and write ~2GB of model files to disk.
Credentials
ok: The skill requests no environment variables, no credentials, and no config paths beyond the local workspace. Dependencies like modelscope and snapshot_download need network access but no secrets — proportional to the task.
Persistence & Privilege
ok: Skill is not always-enabled and does not request elevated privileges or modify other skills. It only writes to its own workspace and model directories per the installer.