ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

LrshuAI Voice Clone

v1.0.0

声音克隆技能。当你需要提供一段参考音频,并生成使用该声音说话的新音频时调用此技能。

0· 25·0 current·0 all-time
by@lrshu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (voice cloning) align with the included code that accepts a reference audio/image/video and posts it to an inference API. However the script defaults to sending data to https://dlazy.com/api/ai/tool (no homepage or vendor declared), and the code supports many more generic model IDs than the SKILL.md lists. The default remote endpoint and broad model support are not documented in the skill metadata and reduce transparency.
!
Instruction Scope
SKILL.md contains a CRITICAL instruction forcing the agent to run `python script/invoke_model.py` directly (explicitly forbidding `openclaw run`). That is unusual and suspicious because it attempts to bypass the platform's standard execution wrapper. The script will read local files (images/videos/audio paths) and base64-encode/send them to the remote endpoint — behaviour consistent with voice-clone but also able to exfiltrate any file you point it at. The SKILL.md does not declare or justify why openclaw-run must be avoided.
Install Mechanism
No install spec (instruction-only with a bundled script) — low install risk because nothing is downloaded at install time. However the script depends on third-party Python packages (requests, possibly others) that are not declared or installed by the skill; running may fail or require the agent environment to have additional packages. Bundling executable script without an install step is acceptable but increases runtime dependency ambiguity.
!
Credentials
The skill requires TEAM_API_KEY (primaryEnv) which is coherent for an API-based model call. However the code also reads TEAM_BASE_URL (with a default of https://dlazy.com/api/ai/tool) but TEAM_BASE_URL is not declared in the requires.env list or metadata. An API key combined with an uncontrolled or undocumented base URL increases risk because the key may authorize requests to an external service not described by the skill. No other env vars or credentials are requested.
Persistence & Privilege
The skill does not request always:true, system-wide config changes, or access to other skills' configs. It is user-invocable and allows autonomous invocation (platform default) but does not demand permanent presence or elevated platform privileges.
What to consider before installing
This skill appears to implement voice cloning but has several red flags you should consider before installing or using it: - The script will send files (audio/images/videos) to a remote API. The default endpoint (https://dlazy.com) and the TEAM_BASE_URL env var are not documented in the skill metadata — verify the intended service and its privacy/security properties before providing your API key or any reference audio. - SKILL.md explicitly forbids running via the platform runner and demands executing the bundled Python script directly. This bypass could be an attempt to avoid platform controls; prefer skills that operate through the platform's approved invocation methods. - TEAM_BASE_URL is used but not declared; ensure the API key you supply is scoped/rotatable and do not reuse high-privilege credentials. Consider creating a throwaway or limited-scope key for testing. - The script requires Python packages (requests) that are not installed automatically; run in an isolated environment (container/VM) if you must test it. - If you need this capability, ask the publisher for a verified homepage, a canonical base URL, and a clear justification for bypassing openclaw run. If those aren't provided, treat the skill as risky and avoid sending private or sensitive audio files to it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97304bf4yb9k0txmp7vsftdrh844852

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎙️ Clawdis
Binspython
EnvTEAM_API_KEY
Primary envTEAM_API_KEY

Comments