Audio Broadcast

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches its audio-broadcast purpose, but it ships with a populated credential file and can use credentials over plain HTTP to control broadcast devices and delete server files.

Review before installing. Delete the bundled config.json token, log in with your own credentials, and use the skill only against trusted broadcast servers on a trusted network or VPN. Require confirmation before broadcasting to all devices, changing volume, deleting tasks/files, or enabling the daily cleanup job.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user or agent may operate the broadcast system using the packaged credential instead of the user's intended login, or the token may be exposed to anyone who can read the installed skill files.

Why it was flagged

The distributed package contains a non-placeholder token and admin username. Because the skill controls broadcast devices and server files, shipping an authenticated config can expose or accidentally reuse privileged access.

Skill content
"host": "127.0.0.1:12080", "id": 6, "token": "e1edf78dcf26e0457880c62aae017bb1a0648bf8", "username": "admin"
Recommendation

Remove the bundled config.json token before publishing or installing, require each user to log in with their own credentials, and declare the credential/config requirement in metadata.

What this means

On an untrusted network or Internet host, broadcast credentials and tokens could be intercepted and then used to control speakers, schedules, or server files.

Why it was flagged

The client builds HTTP URLs and sends login/password or token-bearing requests through that channel. The skill description also supports Internet use, so credentials may travel unencrypted if pointed at a remote host.

Skill content
url = f"http://{host}{path}" ... post(host, "/user/fnkukei/gtoken", { "username": username, "passwd": password })
Recommendation

Use this only on a trusted LAN/VPN or behind HTTPS/TLS termination, and avoid entering credentials over plain Internet HTTP.

What this means

A mistaken or overly broad command could play audio to many speakers, disrupt schedules, or remove broadcast tasks.

Why it was flagged

The skill exposes commands that can broadcast to all devices, change volume broadly, and delete scheduled tasks. These fit the stated purpose, but they are high-impact operational controls.

Skill content
python scripts/xiaoboshu.py play <file_id> <device_ids|all> ... python scripts/xiaoboshu.py volume <volume> <device_ids|all> ... python scripts/xiaoboshu.py task-delete <task_id>
Recommendation

Require explicit user confirmation for all-device playback, volume changes, task deletion, file deletion, and other broad or irreversible actions.

What this means

If enabled, the cleanup task keeps deleting generated TTS files every day, including files the user expected to keep, whenever those files match the cleanup prefixes and are not referenced by any task.

Why it was flagged

The documentation recommends a recurring cleanup job. It is disclosed and purpose-aligned, but it keeps acting after the immediate user request and deletes matching TTS files on the server.

Skill content
After installing the skill, it is recommended to create a scheduled task that automatically cleans up TTS files every day ... python3 /root/.picoclaw/workspace/skills/audio-broadcast/scripts/cleanup_tts.py
Recommendation

Only create the scheduled cleanup job if you want recurring deletion, and review the cleanup criteria before enabling it.

What this means

It may be harder to confirm exactly which version of the skill and its scripts is installed.

Why it was flagged

The packaged _meta.json version is 1.1.3 while the registry/SKILL version presented for review is 1.1.4, creating a minor provenance and package-coherence gap.

Skill content
"slug": "audio-broadcast", "version": "1.1.3"
Recommendation

Publish matching metadata and source/version references so users can verify provenance.

What this means

Sensitive announcement text could be sent to the TTS/broadcast service and then stored or played by the broadcast system.

Why it was flagged

TTS text and generated audio are sent through provider/server flows as part of the advertised feature. This is expected, but users should treat broadcast text as data leaving the local prompt context.

Skill content
POST /user/ttsplayfile parameters: id, token, speed, vol, shengyin, filename, text, snlist ... local TTS (Edge TTS) ... generate the speech file, then upload and play it
Recommendation

Avoid sending secrets or private data in TTS messages unless you trust the configured TTS and broadcast server.