Skill v1.0.0

ClawScan security

Voice Reply · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review date: Mar 15, 2026, 4:59 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini

Summary
The skill largely does what it says (convert replies to Noiz TTS and save/play MP3s), but it will automatically transmit reply text (and any reference audio you point it at) to external Noiz servers, write an API key file in your home directory and files on your Desktop, and may run package installs and subprocesses. Review the privacy and local-file upload behavior before using it.
Guidance
What to consider before installing:
- Privacy: Every reply converted to audio will be sent to Noiz's servers (https://noiz.ai). Do not enable this for conversations containing sensitive personal, corporate, or secret data. The skill will also upload any 'reference audio' you supply (local file paths will be read and uploaded), and the render_timeline/voice-map features could cause local files referenced in JSON to be uploaded unintentionally.
- API key storage: The skill stores the Noiz API key in ~/.noiz_api_key (file permissions 600); you can also set NOIZ_API_KEY in your environment. Make sure you trust the service and want to provide credentials.
- Runtime behavior: When run it may call ffmpeg and audio players (afplay/aplay/paplay), and may attempt to install the Python 'requests' package by invoking 'uv pip install requests'. Expect subprocess execution and network access from the host when the skill runs.
- Local files: The skill saves MP3s to your Desktop and deletes the previous file automatically; if you have scripts monitoring the Desktop or sensitive files there, be aware of this behavior.
- Review the code: If you are concerned, inspect the included scripts (noiz_tts.py, voice.py, tts.py, render_timeline.py) to confirm where files are read, written, or uploaded, and remove or sandbox features you don't want. If you only want offline/local-only operation, prefer the kokoro backend (requires installing kokoro-tts and ffmpeg) and avoid configuring the Noiz API key.
- What would change this assessment: an explicit README/homepage and a known author identity, clearer SKILL.md warnings about uploading local reference audio, or a mode that forces strictly local-only TTS (no network calls) would increase confidence. If you accept external TTS for all replies and trust noiz.ai, this skill appears functionally coherent; otherwise treat it with caution.

Review Dimensions

Purpose & Capability
ok: Name/description match the implementation: the package includes multiple TTS entrypoints (voice.py / tts.py / noiz_tts.py), SRT/timeline utilities, and playback. Required capabilities (ffmpeg, audio player, optional kokoro-tts) are consistent with audio rendering. There are no unrelated credentials or tools requested in the registry metadata.
Instruction Scope
concern: SKILL.md asks that each reply be converted to audio and saved to ~/Desktop, and that a Noiz API key be configured. The included scripts actually POST text to Noiz endpoints (text-to-speech and emotion-enhance) — which is expected for TTS but means all reply text is sent to an external service. More importantly, several code paths accept 'reference_audio' paths or URLs: local files will be opened and uploaded to the Noiz API, and URLs will be downloaded then uploaded. render_timeline/voice-map features could read user-supplied JSON that references local paths/URLs, causing upload of local files. The SKILL.md does not warn about uploading local files or the degree of outbound network activity.
Install Mechanism
note: This is instruction-only (no install spec), so nothing is automatically written to disk at install time. However, runtime helpers (ensure_noiz_ready) call subprocess to install the 'requests' package via 'uv pip install requests' if it is missing, and the scripts will invoke external binaries (ffmpeg, audio players, kokoro-tts). That means network installs and subprocess execution may occur when the skill runs.
Credentials
note: The registry lists no required env vars, but the code uses the NOIZ_API_KEY environment variable and writes/reads ~/.noiz_api_key. Storing the API key under the user's home (mode 600) is normal for this purpose. Still: the skill will transmit arbitrary reply text to noiz.ai and may upload local reference audio files — both are sensitive operations and should be considered proportional only if you expect external TTS.
Persistence & Privilege
ok: The skill does not request 'always' or other special platform privileges. It will create/modify its own files: ~/.noiz_api_key and MP3s on the user's Desktop, plus temporary files in /tmp. It does not modify other skills' config, but it does execute subprocesses and may install Python packages at runtime.