Back to skill
Skillv0.1.0
ClawScan security
Speech · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousMar 9, 2026, 10:25 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill is a coherent text-to-speech integration, but the registry metadata omits a required API credential (OPENAI_API_KEY) declared in SKILL.md and the bundled script — this mismatch should be resolved before installing.
- Guidance
- This appears to be a legitimate TTS skill that uses the OpenAI Audio API and a bundled Python CLI. Before installing: (1) confirm how your agent platform expects required credentials to be declared and stored — SKILL.md and the script require OPENAI_API_KEY but the registry metadata does not list it; (2) provide the API key via an environment variable or platform secret store (do not paste the key into chat); (3) review the bundled script locally (it supports --dry-run which prints payloads) and consider running a dry-run first to inspect behavior and outputs without network calls; (4) be cautious about enabling network access or relaxing sandbox approvals — speech generation requires outbound network access to OpenAI. If you need higher assurance, ask the author/registry maintainer to update the metadata to declare OPENAI_API_KEY as a required credential.
Review Dimensions
- Purpose & Capability
- concernName, description, SKILL.md, references, and the bundled CLI script all align: this is a TTS skill that uses the OpenAI Audio API and built-in voices. However, the registry metadata claims no required environment variables or primary credential while the runtime instructions and script require OPENAI_API_KEY — an inconsistency in declared requirements.
- Instruction Scope
- okSKILL.md instructs the agent to use the bundled CLI (scripts/text_to_speech.py), collect inputs, optionally write transient JSONL under tmp/, and write outputs under output/speech/. It requires an API key for live network calls and explicitly discourages pasting the key in chat. The instructions do not ask for unrelated files, additional credentials, or external endpoints beyond the OpenAI API.
- Install Mechanism
- okThere is no install spec (instruction-only), and the one bundled script relies on the public openai Python package. Installation guidance recommends pip (or uv pip). There are no downloads from arbitrary URLs or archive extraction steps in the repo.
- Credentials
- concernThe runtime requires OPENAI_API_KEY for live API calls (and the script checks env). The skill metadata, however, lists no required env vars or primary credential — this omission is a red flag because the agent platform may not surface or protect the API key as expected. No other unrelated credentials or sensitive config paths are requested.
- Persistence & Privilege
- okThe skill does not request always:true, does not modify other skills' configs, and has normal ephemeral behavior (writes outputs and temporary JSONL). Autonomous invocation is allowed by default (platform normal) but not combined with other elevated privileges here.