ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Audio Content Generator

v1.0.0

Generate audiobooks, podcasts, or educational audio content on demand. User provides an idea or topic, Claude AI writes a script, and ElevenLabs converts it to high-quality audio. Supports multiple formats (audiobook, podcast, educational), custom lengths, and voice effects. Use when asked to create audio content, make a podcast, generate an audiobook, or produce educational audio. Returns MP3 audio file via MEDIA token.

1· 2.6k·1 current·1 all-time
by@udiedrichsen
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's name/description match the requested environment variables (ANTHROPIC_API_KEY and ELEVENLABS_API_KEY). However the SKILL.md references a dependency on another skill ('sag') and instructs running an absolute local script at /home/clawdbot/clawdbot/skills/sag/scripts/tts.py using the 'uv' runner. The required-binaries block lists none, so the runtime command/runner requirement is not declared. Calling a local script in another skill's directory is unexpected given there's no install or code manifest for that script here.
!
Instruction Scope
The instructions explicitly tell the agent to execute a local TTS script and place output under /tmp; they also assume ELEVENLABS_API_KEY is 'already configured'. That ties runtime behavior to host filesystem state and environment secrets outside the skill bundle. Executing an arbitrary local script can perform any action (network calls, read other files, exfiltrate secrets). The rest of the instructions (script generation, formatting rules, user approval flow) are reasonable for the stated purpose, but the direct call to a host script expands scope beyond what the description conveys.
Install Mechanism
There is no install spec (instruction-only), which normally reduces risk. But because the instructions call a local script via the 'uv' command, the skill implicitly requires that binary and that local script to exist; neither is declared or provided. Lack of an install step is coherent only if the environment already supplies the runner and the referenced script — that assumption is brittle and should be confirmed.
Credentials
The skill requests only ANTHROPIC_API_KEY and ELEVENLABS_API_KEY. Both are relevant to generating scripts (Anthropic/Claude) and converting text to speech (ElevenLabs). The primaryEnv is ANTHROPIC_API_KEY which is consistent with the LLM-first workflow. No unrelated secrets or large credential lists are requested.
Persistence & Privilege
The skill does not request always:true and does not claim to modify system or other skills' configs. However it references and executes a script located inside another skill's directory ('sag'), which implies cross-skill access to filesystem content; that's a privilege-like behavior and should be validated. Autonomous invocation is allowed (default), which combined with executing a local script increases blast radius if the script is untrusted.
What to consider before installing
This skill's high-level behavior (LLM writes a script, ElevenLabs TTS produces audio) is reasonable and its requested API keys match that purpose. However: 1) The SKILL.md tells the agent to run a specific local script (/home/clawdbot/.../sag/scripts/tts.py) via the 'uv' runner even though neither that binary nor the script are declared or included — verify that 'uv' is available and that the referenced tts.py actually exists and is from a trusted source. 2) Inspect the contents of tts.py (and any scripts it calls) before enabling the skill: running that script could read files, make network calls, or exfiltrate secrets. 3) If you cannot inspect the script, ask the skill author to provide the tts.py source or change the skill to call ElevenLabs via direct, documented API requests instead of executing a host-local script. 4) Ensure the ELEVENLABS_API_KEY and ANTHROPIC_API_KEY you provide have least privilege (dedicated keys) and consider testing in an isolated environment (sandbox/VM) first. If you need low risk and full transparency, prefer a skill implementation that includes its code or an install spec rather than relying on opaque, absolute host paths.

Like a lobster shell, security has layers — review code before you run it.

latestvk977t4vfjavydmh9vynnm7mw2h7z618t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎙️ Clawdis
EnvANTHROPIC_API_KEY, ELEVENLABS_API_KEY
Primary envANTHROPIC_API_KEY

Comments