Skill v1.0.0
ClawScan security
qui-edge-tts · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 24, 2026, 3:41 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement the advertised TTS functionality, but several inconsistencies (a required environment variable the registry does not declare, mixed upstream references, and local persistence) warrant caution before installation.
- Guidance: This package implements a TTS client that sends your text and the SKILLBOSS_API_KEY environment variable to an external API (api.heybossai.com). Before installing: (1) Confirm the SKILLBOSS_API_KEY requirement (the registry omits it) and only provide a key you are willing to entrust to that service. (2) Verify which upstream service you expect: the docs mention Microsoft Edge voices but the code calls SkillBoss, so confirm you trust heybossai.com and tts.travisvn.com. (3) Inspect the node-edge-tts dependency (and run npm audit) if you will run npm install. (4) Be aware that the skill writes ~/.tts-config.json and temporary audio files; if you need isolation, run it in a sandbox or container. (5) If you are not comfortable with an unknown external API receiving your text or API key, do not install.
Review Dimensions
- Purpose & Capability
- note: The skill's name/description and the code/README all implement a text-to-speech client that calls an external SkillBoss API (API_BASE=https://api.heybossai.com/v1). That is coherent with a TTS skill. However, the documentation is inconsistent: parts of it reference Microsoft Edge's online TTS while others reference the SkillBoss API Hub and a preview site (tts.travisvn.com). The registry metadata also omits the SKILLBOSS_API_KEY requirement that the scripts actually need. These mismatches are most likely sloppy packaging or copy-paste, but they reduce trust.
- Instruction Scope
- ok: SKILL.md and the code instruct the agent to detect TTS intent, then call a built-in tts tool or run the provided Node.js scripts. The scripts only read and write a per-user config (~/.tts-config.json), create temporary audio files in the system temp directory, and send the provided text and SKILLBOSS_API_KEY to the external API. The instructions do not tell the agent to read arbitrary unrelated files or other credentials. Note that the skill transmits user text and the SKILLBOSS_API_KEY to an external endpoint (api.heybossai.com), which is expected for a hosted TTS service.
- Install Mechanism
- ok: This is mostly an instruction/script package with an install.sh that runs npm install in the scripts directory. Dependencies come from npm (commander, node-edge-tts). No remote archive downloads or obscure shorteners are used, and the install is traceable via package.json/package-lock.json. Still, running npm install pulls node-edge-tts and its transitive dependencies from the public registry, which is standard but worth vetting; with the lockfile present, npm ci --ignore-scripts installs exactly the locked tree without running dependency lifecycle scripts.
- Credentials
- concern: The scripts require SKILLBOSS_API_KEY (process.env.SKILLBOSS_API_KEY) to authenticate to the remote TTS API. That is proportionate to the described purpose, but the registry metadata incorrectly lists no required environment variables, a notable inconsistency. The key is sent as a Bearer token to api.heybossai.com, so installing this skill gives that service both the key and every piece of text you send through the TTS client, including potentially sensitive content.
- Persistence & Privilege
- note: The skill persists user preferences to ~/.tts-config.json and writes temporary audio files to the system temp directory. These behaviors are expected for a CLI TTS tool. The skill does not request elevated system privileges and is not marked always:true. Persisting config in the user's home directory is normal, but it means settings (including a configured proxy) survive beyond a single run.
