Xiaomi-any2speech
v1.0.5声音世界模型(Speech World Model):不只是 TTS,而是理解场景、角色、情绪并自主规划表达的语音大模型。 原生支持长文+多人,中英双语,将任意内容转为播客/有声书/相声/Rap/广播剧等,单次最长 ~10 分钟,输出 WAV。 涵盖单人TTS、VoiceDesigner音色定制、多人对话合成、长...
⭐ 5· 294·0 current·0 all-time
byDi Wu@whiteshirt0429
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name/description (TTS / multi‑speaker expressive synthesis) matches the runtime instructions: it posts text or user-provided files to a remote audio-generation API and returns WAV output. Optional Feishu delivery credentials are reasonable for the claimed 'send to Feishu' feature. No unrelated services or credentials are requested.
Instruction Scope
SKILL.md gives explicit, narrow runtime steps (ask for text or explicit file path, build instruction string, call sync/async endpoints, limited retries, save WAV). It explicitly forbids scanning user directories or reading sensitive paths, and instructs the agent to prompt the user when input is missing. The instructions do send user content to the remote Xiaomi endpoint — which is expected for a cloud TTS service.
Install Mechanism
Instruction-only skill with no install spec and no code files. Requires standard CLI tools (curl, jq) and optionally ffmpeg/ffprobe for duration/Feishu sending; nothing is downloaded or written by the skill itself.
Credentials
No required environment variables are declared in registry metadata. SKILL.md documents an optional API_KEY (defaults to an embedded public key 'sk-anytospeech-pub-free') and optional Feishu credentials only when the user requests Feishu sending. These environment variables are proportional to the described features, but note: a default embedded public API key exists in the instructions (convenient but may be rate‑limited and provides no privacy guarantees).
Persistence & Privilege
Skill is not forced-always (always: false) and does not request persistent system-wide configuration or modify other skills. It remains an on-demand, instruction-only skill.
Assessment
This skill appears to do what it claims: it sends the text or an explicitly provided file to a Xiaomi-hosted TTS API and returns a WAV. Consider these points before installing:
- Privacy: any text or file you submit will be transmitted to https://miplus-tts-public.ai.xiaomi.com. Do not send secrets, personal data, or sensitive files unless you trust the endpoint and its privacy terms.
- Embedded public API key: the SKILL.md includes a default public key (sk-anytospeech-pub-free). That is convenient but likely shared/rate-limited and does not grant additional privacy — using your own API key (if available) is preferable.
- Feishu delivery: the skill can accept Feishu credentials (tenant token or app id/secret + chat id) only for optional sending. Provide those only when you explicitly request the send action and you trust the operator.
- Endpoint provenance: the skill source/homepage is unknown. If you require stronger guarantees (privacy, SLA, provenance), request the publisher to provide documentation or use an officially documented vendor API and your own credentials.
- Operational: the skill requires curl/jq and optionally ffmpeg/ffprobe for extra features. It does not install binaries or read arbitrary local files — it will only read a file path you explicitly provide.
If you plan to use this for sensitive or high-volume content, ask the publisher for terms, rate limits, and whether you can supply a private API key or self-hosted alternative.Like a lobster shell, security has layers — review code before you run it.
latestvk977qk0kw1e19n0jm4t6q3e0yh8452wv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.