SiliconFlow TTS Gen

Verdict: Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: siliconflow-tts-gen
Version: 1.0.0

The skill is classified as suspicious because of a local file write weakness in `scripts/generate.py`. The `--output` argument, which names the path of the generated audio file, is passed directly to `curl -o` without sanitization. A caller can therefore supply an arbitrary path, including a directory-traversal path, and overwrite any file the current user can write (e.g., `~/.bashrc`, `~/.ssh/authorized_keys`) with audio data; the write is bounded only by that user's permissions. Although the data written is audio rather than attacker-chosen bytes, an uncontrolled file write of this kind is a significant weakness even though triggering it requires the user (or whatever drives the skill) to pass the path themselves. The skill handles API keys correctly and invokes `subprocess.run` with an argument list rather than a shell string, which mitigates shell injection for the remaining parameters.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill may consume SiliconFlow account quota or billing, and any text converted to speech is sent to SiliconFlow under that credential.

Why it was flagged

The skill requires a SiliconFlow API key and can auto-detect it from a local OpenClaw config file, giving it access to a provider credential when run.

Skill content

- **Environment Variable**: `SILICONFLOW_API_KEY`
- **Optional Config File**: `~/.openclaw/openclaw.json` (for auto-detect)

Recommendation

Use a dedicated or limited SiliconFlow API key if possible, verify the OpenClaw config entry it will read, and avoid sending highly sensitive text unless you are comfortable with SiliconFlow processing it.

What this means

This is expected for generating an audio file, but the command places the request text and the bearer token in the process arguments, where they are visible to other local users through process listings, and it can overwrite any user-writable output path.

Why it was flagged

The script invokes local curl to call the API and writes the response to a caller-controlled output path.

Skill content

```python
curl_cmd = [
    "curl", "-s", "-X", "POST", f"{API_BASE_URL}/audio/speech",
    "-H", f"Authorization: Bearer {api_key}",
    "-d", json.dumps(data),
    "-o", output_path,
]
```

Recommendation

Run it only for intended TTS requests, choose output locations you control and that do not overlap with configuration or credential files, and consider replacing the curl command-line invocation with a Python HTTP client if reducing exposure of the token and request text in process arguments matters.

What this means

Install-time metadata may not fully warn about the credential and local binary needed to use the skill.

Why it was flagged

Registry metadata does not reflect the skill's actual need for SILICONFLOW_API_KEY and curl, even though the included SKILL.md, skill.json, and code disclose them.

Skill content

- Required env vars: none
- Primary credential: none
- Required binaries (all must exist): none

Recommendation

Review the included SKILL.md and scripts before use, and ensure curl is available and the API key is intentionally provided.