Text to Speech and Voice Cloning by Verbatik AI

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill matches its TTS and voice-cloning purpose, but it gives the agent access to paid and mutating Verbatik account actions without clear confirmation limits.

Use this only if you trust the Verbatik endpoint and publisher. Before enabling it, set clear rules that the agent must ask before spending balance, cloning any voice, storing shareable audio, or deleting cloned voices. Protect the API key, consider disabling auto top-up or setting limits, and do not submit private text or voice samples unless you accept Verbatik's data and retention practices.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

If the agent acts too freely, it could spend prepaid balance, create voice clones, or delete cloned voices without the user realizing the impact first.

Why it was flagged

The documented workflow includes chargeable actions and deletion of provider-side voice assets, but the provided instructions do not clearly require explicit user approval before spending balance, cloning a voice, or deleting a voice.

Skill content

Autonomously generate speech, clone voices, and manage audio via the Verbatik API... Cost: **$3.00 per clone**... **Delete a voice:** `DELETE /api/v1/my-voices/<voice_id>`

Recommendation

Require explicit user confirmation for every paid request, voice-cloning job, and deletion; use spending caps, disable auto top-up where possible, and verify consent before cloning any voice.

ASI03: Identity and Privilege Abuse
Low
What this means

Anyone or any agent process with this key could use the Verbatik account according to the key's permissions.

Why it was flagged

The API key requirement is expected for a Verbatik integration, but it grants access to account-backed API actions including paid generation and voice management.

Skill content

Store your API key: `VERBATIK_API_KEY=vbt_your_api_key_here`... `Authorization: Bearer <VERBATIK_API_KEY>`

Recommendation

Use a dedicated API key if possible, keep it out of shared logs or prompts, revoke it if exposed, and prefer the least-privileged or spending-limited credential settings available.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Text, audio references, generated audio, and credentials may flow through Verbatik or its MCP integration depending on how the user connects it.

Why it was flagged

The skill documents an external MCP/provider integration path, but the artifact does not describe detailed data-boundary, permission, or retention controls for that connection.

Skill content

Verbatik also exposes an MCP server for direct AI assistant integration... Supports OAuth 2.1... and API key auth via `mcp-remote` bridge.

Recommendation

Connect only to the official Verbatik endpoint, review what data will be sent, and avoid submitting confidential text or voice samples unless Verbatik's data handling terms are acceptable.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

A user may not be able to easily verify whether the skill text came from the official service operator before trusting it with an API key.

Why it was flagged

The registry source is not identified, while the skill asks the user to configure a Verbatik API key. This is a provenance gap rather than evidence of malicious behavior.

Skill content

Source: unknown

Recommendation

Verify the skill publisher and API documentation against Verbatik's official site before adding credentials.