ClawHub

Cyber Horn

v1.0.3

Turn text into spoken Feishu (Lark) voice messages. Use when the agent should speak in a Feishu group, send voice alerts or announcements, or reply with a pl...

2· 333·0 current·0 all-time
by@richerlv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (TTS → Feishu voice messages) aligns with required items: ffmpeg for encoding, FEISHU_APP_ID/FEISHU_APP_SECRET for API calls, optional ElevenLabs credentials for alternate TTS. The declared primary credential and required binaries are appropriate for the stated functionality.
Instruction Scope
SKILL.md and code instruct only to load .env, synthesize audio (Edge or ElevenLabs), transcode via ffmpeg, upload to Feishu, and send a voice message. The runtime steps and files accessed are limited to temp audio files and declared env vars; there are no instructions to read unrelated system files or to post data to unexpected external endpoints.
Install Mechanism
This is instruction-only for OpenClaw (no platform install spec). The repository includes a requirements.txt with expected TTS and HTTP libraries (edge-tts, elevenlabs, requests, etc.). Nothing is downloaded from arbitrary URLs, but the dependency list is non-trivial — audit and install in a virtual environment.
Credentials
Requested env vars (FEISHU_APP_ID, FEISHU_APP_SECRET, optional ELEVEN_API_KEY/VOICE_ID, EDGE settings) are consistent with functionality. However FEISHU_APP_SECRET is powerful (allows sending messages using the app); ensure the provided Feishu app has minimal necessary scopes and is trusted. ElevenLabs keys are optional and only needed if that provider is selected.
Persistence & Privilege
Skill does not request persistent 'always' inclusion and does not modify other skills or system-wide configs. It runs as a script, cleans up temp files, and uses only its own config.
Assessment
This skill appears to do what it says: synthesize TTS and send native Feishu voice messages. Before installing: (1) provide FEISHU_APP_ID/FEISHU_APP_SECRET only for an app you control and limit that app's scopes (it can send messages wherever permitted); (2) if using ElevenLabs, only supply ELEVEN_API_KEY if you trust the voice cloning usage; (3) install dependencies in a virtualenv and review requirements.txt for packages you wish to allow; (4) confirm ffmpeg is a trusted binary on PATH; (5) be aware the agent (if invoked) can send voice messages to any receive_id the app is permitted to message. If you want extra assurance, review the code (especially feishu_client.py and audio_engine.py) and run tests locally with test scripts before granting this skill access to production credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk9795prgezvj0gvwy49fxhb31n830t16

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔊 Clawdis
OSLinux · macOS · Windows
Binsffmpeg
EnvFEISHU_APP_ID, FEISHU_APP_SECRET
Primary envFEISHU_APP_ID

Comments