ClawHub

Openai Tts.Bak 2026 01 28T18:01:23+10:30

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward OpenAI text-to-speech wrapper that sends user-provided text to OpenAI using the user's API key, with no hidden or unrelated behavior found.

Install only if you are comfortable sending the text you provide to OpenAI and paying for usage on the configured API key. Keep the API key out of source control and protect any local config file that stores it; also ensure jq is installed even though the skill only declares curl.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill encourages sending arbitrary text to OpenAI's external TTS API but does not warn users that their input leaves the local environment and may contain sensitive data. This can lead to accidental disclosure of secrets, personal data, or proprietary content when users assume the skill operates locally.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The instructions recommend storing an API key in a local clawdbot config file but do not warn about the sensitivity of that credential or the need to protect file permissions. Users may persist secrets in plaintext in a broadly readable location, increasing the risk of credential theft and subsequent unauthorized API usage.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script transmits user-provided text to OpenAI's remote TTS API but gives no runtime warning, confirmation, or disclosure that the input leaves the local system. This creates a real privacy and data-handling risk because users may pass sensitive content assuming local processing, especially since the skill interface is a simple shell script.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal