Skill v1.1.0

ClawScan security

MiniMax TTS · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 17, 2026, 10:57 PM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill appears to implement MiniMax TTS correctly, but its metadata omits the required MINIMAX_API_KEY and some runtime assumptions (Python, local save path), which is an incoherence you should resolve before trusting it.
Guidance
This skill appears to be a real MiniMax TTS client, but metadata omitted its required credential. Before installing: (1) confirm the MINIMAX_API_KEY requirement and only provide a key with limited scope/quota; (2) inspect the included Python scripts yourself (they're present) and ensure you have a trusted MiniMax API domain (api.minimaxi.com) and acceptable privacy/usage terms for voice cloning; (3) be aware audio files will be saved to ~/.openclaw/workspace/assets/audios by default — change that if you don't want persistent files; (4) ensure a Python runtime and the requests library are available; (5) avoid supplying broader credentials (AWS, database, etc.) since none are needed. The main risk is the metadata mismatch (undeclared secret requirement) — fix or confirm that before use.

Review Dimensions

Purpose & Capability
note: Name/description match the included code and docs: the scripts and references call MiniMax TTS endpoints for async/sync TTS, voice cloning and voice management. That capability is coherent with the stated purpose. However, the package metadata declares no required credentials while every script and SKILL.md rely on an environment variable MINIMAX_API_KEY — a mismatched declaration.
Instruction Scope
note: SKILL.md and the scripts instruct the agent to call https://api.minimaxi.com endpoints, poll task status, download audio, and save files to ~/.openclaw/workspace/assets/audios. These actions are consistent with TTS functionality. The instruction set does reference and require MINIMAX_API_KEY at runtime (os.getenv calls) even though the registry metadata omitted that requirement. The save path is under the skill workspace (not a system-wide path), but it is hard-coded in docs/scripts — consider whether you want files written there.
Install Mechanism
ok: No install specification or external downloads; the skill is instruction- and script-based. That is lower risk than arbitrary remote installs. The included Python scripts use the requests library and expect a Python runtime; no package manager downloads or extraction from unknown URLs are present.
Credentials
concern: All scripts require MINIMAX_API_KEY (os.getenv('MINIMAX_API_KEY')) for Bearer auth to MiniMax endpoints, but the skill's declared required env vars/primary credential fields are empty. This is a clear inconsistency: the skill will fail or implicitly require you to set a secret without metadata documenting it. No other unrelated credentials are requested.
Persistence & Privilege
ok: The skill does not request always:true, does not modify other skills' configs, and does not request elevated or persistent platform privileges. It only writes audio files into a workspace directory and uses network calls to the stated API domains.