TTS AutoPlay with Wake Word
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: tts-autoplay
Version: 2.0.1
The skill's documentation (SKILL.md, README.md) instructs users to execute PowerShell scripts (e.g., install.ps1, tts-autoplay-wakeword.ps1) using `powershell -ExecutionPolicy Bypass`. While this is a common practice for running local, unsigned scripts, it bypasses a security feature and represents a significant vulnerability risk if the underlying scripts were malicious. The actual PowerShell script files were not provided for analysis, preventing a full assessment of their intent. However, the instruction to bypass execution policy itself is a risky capability, leading to a 'suspicious' classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user obtains or creates those missing scripts elsewhere, they may run unreviewed local code.
The skill documentation tells users to run PowerShell scripts, but the provided manifest and file contents do not include those .ps1 files, so their behavior cannot be reviewed from these artifacts.
powershell -ExecutionPolicy Bypass -File "skills/tts-autoplay/install.ps1" ... powershell -ExecutionPolicy Bypass -File "skills/tts-autoplay/tts-autoplay-wakeword.ps1"
Only run scripts that are present in the installed package and that you can inspect or trust; avoid copying missing PowerShell scripts from unrelated sources.
Following the older README/config example could cause more responses to be spoken aloud than the wake-word-only description suggests.
The README still shows an always-generate/play TTS configuration and the basic autoplay script, while the skill description emphasizes wake-word-only playback.
"tts": { "auto": "always" ... } ... powershell -ExecutionPolicy Bypass -File tts-autoplay.ps1
Use the documented `auto: "tagged"` configuration for wake-word behavior, and treat the `auto: "always"` example as an older mode unless you intentionally want all TTS audio played.
If a future or external script uses this approach, it could access private conversation history to decide whether to play audio.
The design document discusses an optional session-history detection approach that would read recent chat history, though no implementation is included in the provided files.
The script reads recent session history ... Privacy consideration: session-history detection requires access to chat logs
Prefer the tagged-mode approach when possible; if using session-history detection, clearly limit which logs or APIs are read and how long that data is retained.
