Back to skill

Security audit

Super Auto Talk Tts

Security checks across malware telemetry and agentic risk

Overview

The skill is for text-to-speech, but it pushes always-on speech for every response with persistent agent-rule changes and weak privacy controls.

Review carefully before installing. Only use this if you are comfortable with generated responses being spoken through an external TTS service, and avoid adding the suggested SOUL.md rule unless you truly want persistent always-on speech for every response. Prefer a version with explicit opt-in, disable controls, a present auto-speak executable, and pinned dependencies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs users to modify SOUL.md so the agent must speak every response, which expands the skill from an optional utility into system-wide behavior control. This creates persistent prompt/instruction hijacking risk and can force automatic execution of external tooling for all future messages, increasing both privacy exposure and operational risk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill says every message is automatically spoken but does not clearly warn that message contents are sent to Microsoft Edge's TTS service or another external processor. This can cause unintentional disclosure of sensitive prompts, secrets, or personal data because users may not realize all generated text is transmitted off-box automatically.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"author": "Stefano",
  "license": "MIT",
  "dependencies": {
    "node-edge-tts": "^1.0.0"
  },
  "bin": {
    "auto-speak": "./auto-speak"
Confidence
88% confidence
Finding
"node-edge-tts": "^1.0.0"

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.