Tomoviee Text to Sound Effects
PassAudited by ClawScan on May 1, 2026.
Overview
This is a straightforward text-to-sound API client, but users should treat the Tomoviee API credentials and any submitted prompts as sensitive.
Before installing, confirm you trust the Tomoviee/Wondershare API provider, use revocable API credentials, avoid submitting sensitive prompt content, and install Python dependencies from a trusted source.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill must provide API credentials, and generated requests may be associated with that Tomoviee/Wondershare account.
The client uses user-provided Tomoviee app credentials to authenticate to the provider API. This is expected for the stated purpose, but the credentials represent account authority and may consume quota or billing.
"X-App-Key": self.app_key,
"Authorization": f"Basic {self.access_token}"Use scoped or revocable API keys where available, avoid pasting secrets into shared chats or logs, and rotate credentials if they are exposed.
Sound-effect prompts, task settings, and any optional callback data may be processed by the external provider.
The skill intentionally sends prompts and task parameters to an external provider endpoint. This is disclosed and purpose-aligned, but users should understand that prompt content leaves the local environment.
This skill sends runtime API calls only to `openapi.wondershare.cc`
Do not include confidential, personal, or secret information in prompts or callback parameters unless the provider account and policy are appropriate for that data.
The dependency install is not automatically run by the skill, but users who run it will depend on their Python package index and local environment.
The setup documentation asks the user to install an unpinned Python dependency. This is common and purpose-aligned for an API client, but it relies on the package source available at install time.
pip install requests
Install dependencies from trusted package indexes and consider pinning or reviewing package versions in controlled environments.