Back to skill
Skillv0.1.0
ClawScan security
OpenClaw Tailnet TTS Endpoint · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 3, 2026, 6:43 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions and requirements are coherent with its stated purpose (configuring OpenClaw to use a local OpenAI-compatible TTS backend); it performs only the expected configuration, verification, and optional exposure steps and requests no extra credentials or installs.
- Guidance
- This skill appears coherent, but consider the operational risks before following its steps: you will need administrative access (docker, firewall, network) and the instructions explicitly include making the TTS service reachable from LAN/Tailscale — only do that if you intend to expose cloned voices and have appropriate network controls (firewall/Tailscale ACLs). Verify the local TTS backend image/service is trusted and legal to use (voice cloning may have legal/ethical constraints), back up OpenClaw config before changing it, and test changes in an isolated environment first. If you are uncertain, run the listed commands manually rather than allowing any automated agent to apply them.
Review Dimensions
- Purpose & Capability
- okThe name/description match the SKILL.md. All commands (openclaw config, curl to local endpoints, docker exec to inspect voice mapping, ss to check listeners, and guidance about rebinding/exposing services) are appropriate to configuring and validating a local TTS endpoint for OpenClaw; there are no unrelated credential or binary requirements.
- Instruction Scope
- noteInstructions stay on-task (configure OpenClaw, validate voice mapping, generate test clips, and optionally expose the TTS service). They do include privileged/admin actions (sudo docker exec, ss, rebinding services, firewall/Tailscale ACL changes) and guidance to expose a service to LAN/Tailscale — these are necessary for the feature but increase operational risk and require explicit user consent.
- Install Mechanism
- okNo install spec or code files (instruction-only). This is the lowest-risk installation surface; nothing is downloaded or written by the skill itself.
- Credentials
- okThe skill declares no required environment variables or credentials and the instructions do not attempt to read secrets or unrelated config. Accesses are limited to local services/containers and OpenClaw config.
- Persistence & Privilege
- noteThe skill instructs modifying OpenClaw configuration via openclaw config set (expected for the task) and may require elevated OS privileges to inspect containers or change firewall/network bindings. The skill is not always-enabled and does not request persistent platform-wide privileges beyond normal config edits.