Back to skill

Security audit

Giggle Generation Speech

Security checks across malware telemetry and agentic risk

Overview

This is a real Giggle.pro text-to-speech skill, but it stores submitted text locally without clearly disclosing retention or cleanup.

Review before installing if you may convert private, confidential, or regulated text. Use a dedicated revocable Giggle API key, assume submitted text is sent to Giggle.pro, treat returned signed audio links as sensitive, and periodically delete ~/.openclaw/skills/giggle-generation-speech/logs/ if you do not want prompts retained locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill stores task metadata and user-derived content under ~/.openclaw/skills/giggle-generation-speech/logs, which exceeds the stated text-to-speech function and creates a local privacy exposure. Because TTS input may contain sensitive text, saving prompt content and task identifiers to disk without clear disclosure or retention controls can leak private data to other local processes, backups, or later users of the machine.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger list is broad enough to match common conversational phrases such as 'read this text aloud' or generic TTS requests, which can cause accidental activation. In a skill that sends user text to an external API and sets up background polling, unintended invocation increases privacy and operational risk.

Missing User Warnings

High
Confidence
94% confidence
Finding
The skill does not clearly warn users, at the point of use, that arbitrary input text will be transmitted to giggle.pro for synthesis. Because users may provide sensitive or proprietary text for voiceover, this omission creates a real data disclosure risk to a third-party service.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs the agent to return full signed URLs containing access parameters such as Policy, Key-Pair-Id, and Signature, but does not warn users that sharing these links may expose temporary access tokens. Those URLs can be forwarded or logged elsewhere, enabling unintended access to generated audio while valid.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Submitted text is written verbatim to a .prompt file without user-facing notice, creating an undisclosed local record of potentially sensitive input. In the context of a speech-generation skill, users may provide personal, confidential, or regulated content, so silent persistence meaningfully increases privacy and data-handling risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.