Security audit

Truly Local Piper Multilang TTS (secure)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local text-to-speech skill with disclosed setup downloads and local file storage, and I found no evidence of hidden data access, exfiltration, persistence, or destructive behavior.

Install only if you are comfortable with a one-time PyPI setup, HuggingFace voice model downloads, and local storage of generated audio under the OpenClaw workspace. Keep OpenClaw current, and avoid synthesizing sensitive text unless you are comfortable with the resulting audio file remaining on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding: The skill is described as 'fully offline/local,' but the documented setup requires installing piper-tts from PyPI and downloading voice models from the internet. This can mislead users and agents into approving execution under a false trust model, especially in environments where network use is restricted or audited.

Unpinned Dependencies

Low
Category: Supply Chain
Content:
},
  "dependencies": {},
  "peerDependencies": {
    "openclaw": "*"
  }
}
Confidence: 96%
Finding: "openclaw": "*"

Known Vulnerable Dependency: openclaw — 10 advisory(ies): CVE-2026-32064 (OpenClaw's sandbox browser noVNC observer lacked VNC authentication); CVE-2026-32006 (OpenClaw has a BlueBubbles group allowlist mismatch via DM pairing-store fallbac); CVE-2026-41913 (OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret r) +7 more

High
Category: Supply Chain
Confidence: 90%
Finding: openclaw

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.