Talking Circle
Security checks across malware telemetry and agentic risk
Overview
The skill largely matches its video-generation purpose, but its SaluteSpeech mode disables HTTPS certificate checks while using credentials, and it includes some review-worthy agent/install behavior.
Review before installing. Audio-to-video and ElevenLabs mode are broadly aligned with the stated purpose, but avoid SaluteSpeech mode unless TLS verification is fixed. Run the skill in a trusted environment, consider pinning dependencies, and make sure any agent ignores the AGENTS.md Git push rule unless you explicitly want repository changes published.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you use SaluteSpeech mode, a network attacker or misconfigured proxy could intercept or tamper with credential/token traffic more easily.
The SaluteSpeech OAuth request sends a Basic-auth credential while TLS certificate verification is disabled and warnings are suppressed.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) ... "Authorization": f"Basic {auth_key}" ... requests.post(..., timeout=30, verify=False)
Avoid SaluteSpeech mode until this is fixed, or change the code to keep certificate verification enabled and use a proper CA bundle if the provider requires one.
On a shared or previously tampered machine, a preexisting /tmp/talking-circle-venv/bin/python could cause the skill to run unintended code.
The script reuses a Python executable from a shared /tmp path if it already exists, then runs it for video generation; it also installs dependencies at runtime.
venv_dir = Path("/tmp/talking-circle-venv") ... if py.exists(): return str(py) ... subprocess.run([str(pip), "install", "--quiet", "-r", str(req)], check=True)
Use a per-user, permission-checked cache directory or create the virtualenv under the skill/user data directory, and verify ownership before reusing it.
Future installs may resolve different package versions, and compromise or breaking changes in dependencies could affect the skill.
The dependency list is unpinned, while the skill documentation says dependencies are auto-installed into a temporary venv on first run.
numpy pillow requests
Pin dependency versions or use a lockfile, and install from trusted package indexes.
If an agent loads and follows this file while working in the repository, it could push changes without the user explicitly asking for publication.
This is a broad instruction to an agent about Git publishing behavior, unrelated to generating talking-circle videos.
- Always commit and push together. Never leave commits unpushed.
Remove or ignore this AGENTS.md rule for installed skill use, and require explicit user approval before any commit or push.
Any text you ask it to synthesize may be processed by ElevenLabs or SaluteSpeech, according to the mode used.
The skill discloses that text-to-video mode sends user-provided text to third-party TTS providers.
Generate speech from text via ElevenLabs TTS ... Requires `ELEVENLABS_API_KEY` ... Generate speech from text via SaluteSpeech TTS (Sber) ... Requires `SALUTE_SPEECH_AUTH`
Do not send private or regulated text to TTS providers unless their terms and data handling are acceptable to you.
