Cyber Horn

Review

Audited by ClawScan on May 10, 2026.

Overview

Cyber Horn appears to do what it says—convert supplied text to speech and send it to Feishu—but it uses Feishu credentials and can post voice messages to chats.

Before installing, confirm you trust the source, use a narrowly permissioned Feishu app, keep FEISHU_APP_SECRET and any ElevenLabs key private, verify the default chat ID, and avoid sending confidential text unless the Edge/ElevenLabs and Feishu data flows are acceptable.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If installed with powerful Feishu app permissions, the skill can send messages wherever that app is allowed to send them.

Why it was flagged

The skill uses Feishu app credentials to obtain a tenant access token. This is expected for sending Feishu messages, but it gives the skill delegated authority through the Feishu app.

Skill content

AUTH_URL = "https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal" ... json={"app_id": app_id, "app_secret": app_secret}

Recommendation

Use a Feishu app with the narrowest permissions needed, protect FEISHU_APP_SECRET, and avoid granting this skill access to chats where automated voice posts are not intended.

What this means

A mistaken prompt, wrong chat ID, or unintended default chat could post a voice message to the wrong Feishu conversation.

Why it was flagged

The core workflow uploads generated audio and sends it as a Feishu message. This is purpose-aligned, but it is a real external posting action.

Skill content

file_key = upload_audio(token, opus_path)
send_audio_message(token, chat_id, file_key, receive_id_type=receive_id_type)

Recommendation

Prefer explicit chat IDs for important messages, verify FEISHU_DEFAULT_CHAT_ID, and require clear user intent before using the skill for announcements.

What this means

The skill executes whichever ffmpeg binary is found on PATH or configured through FFMPEG_PATH.

Why it was flagged

The skill runs the local ffmpeg binary to convert generated audio. This is central to the stated purpose and uses list-form subprocess invocation rather than shell execution.

Skill content

cmd = [ffmpeg, "-y", "-i", str(mp3_path), "-acodec", "libopus", "-ac", "1", "-ar", "16000", str(opus_path)]
result = subprocess.run(cmd, capture_output=True, text=True, timeout=60)

Recommendation

Install ffmpeg from a trusted source and ensure FFMPEG_PATH does not point to an untrusted executable.

What this means

Any confidential text spoken through the skill may be processed by Edge TTS or ElevenLabs and then uploaded to Feishu.

Why it was flagged

User-provided text and generated audio are sent to external provider services as part of the disclosed workflow.

Skill content

Text is synthesized with Edge TTS (default, no API key) or ElevenLabs ... The file is uploaded to Feishu and sent as a voice message

Recommendation

Do not use the skill for sensitive content unless those provider data flows are acceptable for your organization.

What this means

Users have less provenance information to verify the publisher or upstream project.

Why it was flagged

The scan context includes full source files and pinned Python dependencies, but the registry metadata does not identify an upstream source or homepage.

Skill content

Source: unknown
Homepage: none

Recommendation

Review the included source, install dependencies in an isolated environment, and verify the publisher before using production Feishu credentials.