Qwen3-TTS + Feishu Voice

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern: Medium Confidence
ASI05: Unexpected Code Execution
What this means

If the agent or user processes an attacker-controlled filename, code could run locally under the user account.

Why it was flagged

The first command-line argument is interpolated directly into Python source inside a string literal. A WAV filename containing quotes or Python syntax could break out of the literal and execute Python code when the script calculates duration.

Skill content
WAV_FILE="${1}" ... DURATION_MS=$(python3 -c "
...
    with wave.open('$WAV_FILE') as f:
...")
Recommendation

Pass the filename to Python as an argument instead of embedding it in the code (for example, run `python3 - "$WAV_FILE"` and read `sys.argv[1]` in the script), and validate and quote all shell arguments.

What this means

The configured Feishu app can upload resources and send voice messages as a bot to permitted recipients.

Why it was flagged

The skill clearly discloses that a Feishu custom app needs bot message-sending and resource-upload permissions.

Skill content
The app has the following permissions enabled: `im:message:send_as_bot`, `im:resource`
Recommendation

Use a least-privilege Feishu app, keep FEISHU_APP_SECRET private, and only invoke sending for intended recipients.

What this means

Any audio sent with this helper is transmitted to Feishu’s service and to the chosen recipient.

Why it was flagged

The script uploads the generated Opus audio file to Feishu before sending the audio message. This is expected for the Feishu voice-message feature, but it means the audio leaves the local machine.

Skill content
curl -s -X POST "https://open.feishu.cn/open-apis/im/v1/files" ... -F "file=@$OPUS_FILE"
Recommendation

Only send audio that is appropriate to share with Feishu and the selected recipient; avoid processing confidential text unless that sharing is intended.

What this means

Future package or model changes could affect behavior, compatibility, or security.

Why it was flagged

The installation instructions fetch unpinned Python packages and a large external model from public repositories. This is purpose-aligned for local TTS, but provenance and version pinning are not locked down.

Skill content
pip install qwen-tts soundfile modelscope ... huggingface-cli download Qwen/Qwen3-TTS-12Hz-1.7B-CustomVoice
Recommendation

Install in a virtual environment, pin known-good package versions and model revisions where possible, and download from trusted sources.