ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Qwen Tts

v1.0.2

阿里云千问语音合成(TTS)技能,支持将文本转换为自然语音。当用户要求朗读、语音合成、文字转语音、TTS、读一段话、把文字转成声音时使用。支持多种音色(中文/英文/方言),支持流式输出边合成边播放。

0· 94·0 current·0 all-time
bywoodylan@lanlan314

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for lanlan314/qwen-tts-lan.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Qwen Tts" (lanlan314/qwen-tts-lan) from ClawHub.
Skill page: https://clawhub.ai/lanlan314/qwen-tts-lan
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install qwen-tts-lan

ClawHub CLI

Package manager switcher

npx clawhub@latest install qwen-tts-lan
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The declared purpose (Qwen TTS using 千问/Dashscope) matches the scripts and documentation: they call Dashscope TTS endpoints and produce audio. However, the registry metadata lists no required environment variables or binaries while SKILL.md and the shipped scripts clearly require DASHSCOPE_API_KEY and optional FEISHU_* credentials, plus ffmpeg, jq, python3 and requests. The omission in metadata is an inconsistency that reduces transparency.
Instruction Scope
SKILL.md and the scripts limit behavior to building requests to Dashscope, downloading the returned audio, converting formats, and optionally uploading to Feishu. They do not attempt to read unrelated system files or credentials. The instructions explicitly state which env vars are needed and which scripts need Feishu creds.
Install Mechanism
No install spec is provided (instruction-only skill with included scripts) so nothing is auto-downloaded or executed during install. This is lower risk. The included scripts are plain Bash/Python and call standard network endpoints; there are no obfuscated downloads or third-party archive installations.
!
Credentials
The environment variables required by the scripts (DASHSCOPE_API_KEY, and optionally FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_USER_ID) are reasonable and proportional to the stated functionality. The concern is that the registry metadata declares 'Required env vars: none' and 'Required binaries: none', which is inaccurate and could mislead users about the secrets and tools the skill needs.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request elevated or persistent platform privileges. It does make outbound network calls to Dashscope and optionally Feishu when used, which is expected for a TTS/sending skill.
What to consider before installing
This skill appears to implement the described TTS functionality, but the registry metadata incorrectly omits required environment variables and binaries. Before installing or using it: 1) verify you trust the source (homepage is missing). 2) Expect to provide DASHSCOPE_API_KEY for TTS and, only if you use speak_and_send.py, FEISHU_APP_ID/FEISHU_APP_SECRET/FEISHU_USER_ID to send audio to Feishu. 3) Ensure ffmpeg, jq, python3 and the Python requests library are available. 4) Be aware that text you submit will be sent to Dashscope/Aliyun and (if using the send script) audio will be uploaded to Feishu — avoid sending sensitive content. 5) Prefer running the scripts in a sandbox first and consider rotating any API keys used. Finally, ask the publisher or maintainer to correct the registry metadata to accurately list required env vars and binaries.

Like a lobster shell, security has layers — review code before you run it.

latestvk976yhzt0y8mj25mvc63z2n8qx83zpy9
94downloads
0stars
3versions
Updated 4w ago
v1.0.2
MIT-0
woodylan@lanlan314
latest
Download

千问语音合成技能 (qwen-tts)

⚠️ 环境变量配置

基础配置(使用任何脚本都需要)

环境变量说明获取方式
DASHSCOPE_API_KEY千问 API 密钥阿里云百炼控制台

飞书配置(仅 speak_and_send.py 需要)

speak.sh 只需要 DASHSCOPE_API_KEY。如果需要发送语音到飞书,还需配置:

环境变量说明获取方式
FEISHU_APP_ID飞书应用 App ID飞书开放平台应用凭证
FEISHU_APP_SECRET飞书应用 App Secret飞书开放平台应用凭证
FEISHU_USER_ID接收语音的飞书用户 ID飞书用户 open_id

最小配置(只需 DASHSCOPE_API_KEY):

export DASHSCOPE_API_KEY="sk-xxxxx"

完整配置(包含飞书发送):

export DASHSCOPE_API_KEY="sk-xxxxx"
export FEISHU_APP_ID="cli_xxxxx"
export FEISHU_APP_SECRET="xxxxx"
export FEISHU_USER_ID="ou_xxxxx"

快速使用

基本语音合成(同步接口)

使用 curl 调用千问 TTS:

curl -X POST 'https://dashscope.aliyuncs.com/api/v1/services/aigc/multimodal-generation/generation' \
  -H "Authorization: Bearer $DASHSCOPE_API_KEY" \
  -H 'Content-Type: application/json' \
  -d '{
    "model": "qwen3-tts-flash",
    "input": {
      "text": "要转换的文本内容",
      "voice": "Cherry",
      "language_type": "Chinese"
    }
  }'

常用模型

模型特点适用场景
qwen3-tts-flash快速、便宜短文本、导航、通知、教育课件
qwen3-tts-instruct-flash支持指令控制情感有声书、广播剧、游戏配音
qwen3-tts-vd声音设计品牌定制、从零设计音色
qwen3-tts-vc声音复刻基于样本复刻真人音色

常用音色(voice 参数)

音色名语言/风格说明
Cherry中文女声,活泼
Azure英文女声,标准
Alexander英文男声
Huogeng中文女声,温柔
Shanbin中文男声,沉稳
Emma英文女声,轻快

更多音色请参见 references/voices.md

常用参数

参数说明默认值
text要转换的文本,建议不超过300字符必填
voice音色名称Cherry
language_type文本语言:Chinese / English / yue(粤语)等自动检测
instructions情感/风格指令(仅 instruct 模型)-

输出格式

音频 URL 有效期 24小时,返回格式为 wav。

执行流程

  1. 检查环境变量:确保 DASHSCOPE_API_KEY 已设置
  2. 构建请求:根据文本和音色参数构建 JSON
  3. 调用 API:POST 到千问 TTS 接口
  4. 下载音频:从响应中提取 URL 并下载
  5. 返回结果:音频文件路径或发送给你

示例:中文朗读

curl -X POST 'https://dashscope.aliyuncs.com/api/v1/services/aigc/multimodal-generation/generation' \
  -H "Authorization: Bearer $DASHSCOPE_API_KEY" \
  -H 'Content-Type: application/json' \
  -d '{
    "model": "qwen3-tts-flash",
    "input": {
      "text": "你好,我是千问语音助手,今天天气真不错。",
      "voice": "Cherry",
      "language_type": "Chinese"
    }
  }'

脚本说明

本技能包含两个脚本,按需使用:

scripts/speak.sh

纯 Bash 脚本,仅生成本地音频文件,不需要飞书凭证

# 只需要 DASHSCOPE_API_KEY
./speak.sh "要转换的文本" [音色]
# 输出: /tmp/qwen_tts_xxx.ogg

scripts/speak_and_send.py

Python 脚本,生成 TTS 并发送到飞书,需要配置飞书凭证

# 需要 DASHSCOPE_API_KEY + FEISHU_* 环境变量
python3 speak_and_send.py "要说的文本" [音色]
# 自动发送到配置的 FEISHU_USER_ID

参考资料

完整音色列表和 API 文档请参见:

依赖说明

  • ffmpeg - 音频格式转换(脚本需要)
  • jq - JSON 处理(speak.sh 需要)
  • python3 + requests - speak_and_send.py 需要

Comments

Loading comments...