Back to plugin

Security audit

Xiaomi TTS

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Xiaomi text-to-speech plugin, but it may expose spoken text through logs and an optional extra AI-model audio-tagging step.

Review before installing if your agent may speak sensitive messages. Use a dedicated Xiaomi API key, verify the baseUrl, consider leaving audioTags disabled unless you accept the extra model call, and check whether OpenClaw logs will retain full spoken text.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.