ClawHub

China Tts

Security checks across malware telemetry and agentic risk

Overview

This is a coherent cloud text-to-speech skill, but its optional voice-cloning flow uploads sensitive voice recordings without enough consent, privacy, or retention guidance.

Install only if you are comfortable sending text and any reference voice recordings to SiliconFlow. Do not clone anyone's voice unless you own the recording or have explicit permission, treat API keys and custom voice IDs as sensitive, review the provider's retention/deletion terms, and delete custom voices or generated audio when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (10)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly supports custom voice cloning by uploading reference audio to a third-party API, but it does not provide a clear privacy, ownership, and consent warning at the point of use. This is dangerous because users may upload another person's voice or sensitive recordings without authorization, creating legal, privacy, and impersonation risks beyond ordinary TTS use.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The examples instruct users to send article text and other content directly to a third-party TTS API, but do not warn that the content and associated metadata leave the local environment. This creates a real privacy and data-handling risk, especially if users paste sensitive, proprietary, or personal text into the request under the assumption the skill is purely local.

Missing User Warnings

High
Confidence
99% confidence
Finding
The voice-cloning workflow uploads a reference audio sample to a remote service without any warning about consent, biometric privacy, impersonation, or ownership of the uploaded voice. Voice samples are sensitive biometric-like data, and using another person's audio without informed consent can enable misuse, fraud, or policy/legal violations.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# 先上传参考音频(一次性操作,30秒以内的清晰录音)
curl --location 'https://api.siliconflow.cn/v1/uploads/audio/voice' \
  --header "Authorization: Bearer $SILICONFLOW_API_KEY" \
  --form 'model="FunAudioLLM/CosyVoice2-0.5B"' \
  --form 'customName="my-voice"' \
Confidence
89% confidence
Finding
https://api.siliconflow.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
OUTPUT_DIR="${OPENCLAW_WORKSPACE:-$PWD}/tts" && mkdir -p "$OUTPUT_DIR"
curl --location 'https://api.siliconflow.cn/v1/audio/speech' \
  --header "Authorization: Bearer $SILICONFLOW_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
93% confidence
Finding
curl --location 'https://api.siliconflow.cn/v1/audio/speech' \ --header "Authorization: Bearer $SILICONFLOW_API_KEY" \ --header 'Content-Type: application/json' \ --data

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
OUTPUT_DIR="${OPENCLAW_WORKSPACE:-$PWD}/tts" && mkdir -p "$OUTPUT_DIR"
curl --location 'https://api.siliconflow.cn/v1/audio/speech' \
  --header "Authorization: Bearer $SILICONFLOW_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
92% confidence
Finding
curl --location 'https://api.siliconflow.cn/v1/audio/speech' \ --header "Authorization: Bearer $SILICONFLOW_API_KEY" \ --header 'Content-Type: application/json' \ --data '{ "model": "fnlp/MO

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
OUTPUT_DIR="${OPENCLAW_WORKSPACE:-$PWD}/tts" && mkdir -p "$OUTPUT_DIR"
curl --location 'https://api.siliconflow.cn/v1/audio/speech' \
  --header "Authorization: Bearer $SILICONFLOW_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
93% confidence
Finding
https://api.siliconflow.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
OUTPUT_DIR="${OPENCLAW_WORKSPACE:-$PWD}/tts" && mkdir -p "$OUTPUT_DIR"
curl --location 'https://api.siliconflow.cn/v1/audio/speech' \
  --header "Authorization: Bearer $SILICONFLOW_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
92% confidence
Finding
https://api.siliconflow.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
**第一步:上传参考音频(一次性)**

```bash
curl --location 'https://api.siliconflow.cn/v1/uploads/audio/voice' \
  --header "Authorization: Bearer $SILICONFLOW_API_KEY" \
  --form 'model="FunAudioLLM/CosyVoice2-0.5B"' \
  --form 'customName="my-voice"' \
Confidence
98% confidence
Finding
https://api.siliconflow.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
OUTPUT_DIR="${OPENCLAW_WORKSPACE:-$PWD}/tts" && mkdir -p "$OUTPUT_DIR"
curl --location 'https://api.siliconflow.cn/v1/audio/speech' \
  --header "Authorization: Bearer $SILICONFLOW_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
94% confidence
Finding
https://api.siliconflow.cn/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal