Skill
PendingVirusTotal audit pending.
Overview
No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Downloaded voice assets could affect what gets installed or used locally, so users should trust the source before downloading voices.
The skill documents third-party voice model downloads. This is expected for a TTS voice skill, but the artifact does not describe integrity checks, pinning, or provenance validation.
All voices are downloaded from [HuggingFace](https://huggingface.co/rhasspy/piper-voices)
Use voice downloads only from the documented source and verify the actual implementation if available, especially before using any update feature.
Recent TTS output may remain available locally for replay until it is cleaned up or rotated out.
The skill states that recent spoken audio is retained for replay. This is purpose-aligned for TTS, but spoken content may include sensitive conversation text.
/agent-vibes:replay [N] Replay recent audio (last 10 kept).
Avoid speaking highly sensitive content if audio caching is a concern, and use the documented cleanup command when needed.