LH Edge TTS

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent text-to-speech helper, but users should avoid sending sensitive text or files to the online TTS service.

Install only if you are comfortable with edge-tts and with the text you convert being processed by an online Microsoft Edge TTS service. Do not convert secrets, credentials, private documents, or regulated data unless approved. Use explicit input and output paths, and review ~/.tts-config.json if voice or proxy behavior is unexpected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 88%
Finding: The skill documentation instructs use of local Python scripts that read input files, write audio/subtitle output, and persist configuration, but the skill does not declare corresponding permissions. This creates a capability/expectation mismatch that can lead to unauthorized file access or execution in environments that rely on declared permissions for policy enforcement and user trust.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The documentation states that an internet connection is required and names the `edge-tts` service wrapper, but it does not clearly warn users that the text they submit will be transmitted to an external online TTS service. This can lead users to unknowingly send sensitive or regulated content off-device, creating privacy, confidentiality, and compliance risks.

Vague Triggers

Severity: Medium
Confidence: 83%
Finding: The activation guidance is broad enough that ordinary requests for accessibility or spoken output could trigger the skill unintentionally. In a skill that sends user text to an external TTS service and can create files, overbroad invocation increases the chance of unexpected data handling and unintended tool execution.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding: Relying on a generic 'tts' keyword without scope boundaries is ambiguous and may activate on incidental mentions rather than actual conversion requests. Because this skill can transmit content to Microsoft's online service, ambiguous triggering raises privacy and consent risks beyond mere UX issues.

Vague Triggers

Severity: Low
Confidence: 80%
Finding: The keyword trigger is underspecified and lacks exclusion conditions, which can cause accidental activations from casual references to TTS. In this context the danger is somewhat limited by the benign purpose of the skill, but unintended network transmission and file generation still make this a real security and privacy concern.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill states it uses Microsoft's online neural TTS service and requires internet connectivity, but it does not clearly warn that user-provided text will be sent to a third-party service. This is a meaningful privacy issue, especially if users may submit sensitive, confidential, or regulated content expecting local-only processing.

VirusTotal

66/66 vendors flagged this skill as clean.