Valtec Vietnamese TTS

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent local Vietnamese text-to-speech wrapper, but users need to trust the upstream Python repo and should only clone voices they are allowed to use.

Install only if you trust the upstream valtec-tts repository and are comfortable running pip install from it. Expect an initial HuggingFace model download, consider using an isolated Python environment, and use voice cloning only with consent or for voices you are authorized to synthesize.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill advertises itself as fully offline and no-cloud, but the notes state that models are downloaded from HuggingFace on first run. This is dangerous because users and operators may trust the skill in restricted or air-gapped environments, leading to unexpected outbound network access, policy violations, and unreviewed third-party model retrieval.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill exposes zero-shot voice cloning with no warning about consent, impersonation, or fraud risks. In this context, the capability directly enables realistic speaker imitation from a short sample, which increases the chance of social engineering, non-consensual synthesis, and reputational harm if adopted without safeguards.

VirusTotal

62/62 vendors flagged this skill as clean.
