Qwen3-tts
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the server is reachable on a network, other devices may submit text for synthesis, consume local compute, and potentially expose private text sent for TTS.
The server exposes a /tts endpoint and defaults to listening on all interfaces; the provided server code shows no authentication or authorization check around requests.
@app.post("/tts")
def synthesize(request: TTSRequest):
...
parser.add_argument("--host", default="0.0.0.0", help="Host to bind")
Run the server only on localhost or a trusted private network, add authentication or firewall rules, and avoid sending sensitive text to a remote server unless you control and secure it.
A reachable caller could trigger unexpected model downloads or large resource use on the server machine.
The remote request can choose the model name, which is passed directly into model loading without an allowlist or size/source restriction.
model: str = "Qwen/Qwen3-TTS-12Hz-0.6B-CustomVoice" ... model = load_model(request.model) ... tts_model = Qwen3TTSModel.from_pretrained(model_name,
Hard-code or allowlist approved model IDs on the server, ignore client-supplied model names by default, and add request limits.
The installed code and dependencies may change over time if package versions are not pinned.
The setup script installs unpinned packages from package repositories; this is purpose-aligned for a local TTS model but depends on external package provenance.
pip install --upgrade pip setuptools wheel ... pip install qwen-tts soundfile
Review the packages before installing, prefer pinned versions or hashes, and install in the provided virtual environment only.
If enabled, the service can continue running after the original task, extending any network exposure until it is stopped.
The documentation includes an optional launchd configuration that keeps the TTS server running persistently.
<key>RunAtLoad</key> <true/> <key>KeepAlive</key> <true/>
Use autostart only if needed, document it clearly, and unload the launch agent when remote TTS is no longer required.
