Skill v1.1.0

ClawScan security

Audio Reply · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 15, 2026, 10:12 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it implements local TTS on macOS using the uv tool, fetches public URLs under clearly-stated guardrails, and only requires installing uv via Homebrew — nothing requested looks disproportionate to the stated purpose.
Guidance
This skill appears to do exactly what it says: run local TTS on macOS and read public web pages. Before installing: (1) verify you trust the 'uv' package source (install via Homebrew or the official Astral installer), (2) expect a ~500MB model download from Hugging Face on the first run and ensure you have the disk space, (3) avoid feeding private/authenticated URLs or secrets (the skill relies on the agent to enforce guardrails), and (4) confirm your environment policy allows external URL fetching. If you need stricter guarantees, review or test the agent's URL-validation implementation and network restrictions before using the "read it to me" feature.

Review Dimensions

Purpose & Capability
ok: Name/description (local TTS, read public URLs, conversational audio) align with requirements: macOS-only, requires the 'uv' binary, and uses a local MLX Audio model. Requesting a TTS runtime (uv) is appropriate for the stated functionality.
Instruction Scope
note: SKILL.md instructs the agent to validate and fetch http(s) URLs, extract text, generate TTS via 'uv run', play audio, and clean up temp files. The skill includes explicit safety guardrails (block localhost/RFC1918/private ranges, refuse credential-bearing URLs, summarize long pages). Because this is instruction-only, proper enforcement of those guardrails depends on the agent following them — the instructions are scoped to the stated purpose but rely on the agent to perform correct URL validation and not to leak data.
Install Mechanism
ok: Install spec uses Homebrew to install 'uv' (astral-sh/uv), a known package manager tool; this is an expected, low-risk install mechanism for macOS. No arbitrary download URLs or extracted archives are specified.
Credentials
ok: The skill requests no environment variables, no credentials, and no config paths. This is proportional to a local TTS reader that operates on public web pages and generated text.
Persistence & Privilege
ok: always is false and the skill is user-invocable only. It does not request permanent presence or elevated system configuration changes and does not modify other skills' settings.