ecommerce-voice-cs
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: ecommerce-voice-cs Version: 1.0.1 The skill bundle implements a legitimate ecommerce voice assistant with two modes (After-sales and Telemarketing) using the SenseAudio TTS API. The code demonstrates good security practices, such as sanitizing session IDs in `helper.py` to prevent path traversal when saving state files. While it uses unicode-escaped strings for Chinese UI prompts, these decode to standard functional phrases and do not hide malicious logic. The handling of API keys and file outputs is consistent with the stated purpose of generating and playing TTS audio.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A SenseAudio API key entered into the skill may remain in plaintext local files, where it could be exposed through backups, sharing, logs, or other local access.
The per-session state schema includes api_key fields and the helper writes the full state to JSON files under .session_state. This means user-provided SenseAudio credentials can be retained on disk rather than only used transiently.
STATE_DIR = SKILL_ROOT / ".session_state"
STATE_DIR.mkdir(exist_ok=True)
...
AFTER_SALES_DEFAULTS = {
"api_key": "",
...
SALES_DEFAULTS = {
"api_key": "",
...
def _save_state(session_id: str, state: dict[str, Any]) -> None:
_state_file(session_id).write_text(json.dumps(state, ensure_ascii=False, indent=2), encoding="utf-8")Do not store API keys in session JSON. Use the host secret store or environment variable only, redact existing .session_state files, and declare the credential requirement in metadata.
Preexisting state files could expose previous/test configuration or cause unexpected behavior for matching session IDs, and they normalize retaining sensitive session data.
The packaged artifact includes runtime session-state files, including an active sales state and an api_key field. Bundling persistent runtime state is not needed for the stated TTS purpose and can carry residual configuration into future runs.
"mode": "sales",
"stage": "active",
...
"sales": {
"api_key": "k",
"voice_id": "male_0018_a",
"audio_output_path": "D:/tmp",
"product_name": "???????"Remove .session_state files from the distributed skill, create state only at runtime in a host-approved cache location, and provide a cleanup/reset path that redacts secrets.
Customer-service messages, sales copy, and generated replies may be sent to SenseAudio and saved as local audio files.
The skill sends generated text to the SenseAudio TTS API with the API key and writes the returned audio bytes to disk. This is expected for the TTS purpose, but it is an external data flow plus local file output.
return requests.post(
self.TTS_API_URL,
json=payload,
headers={
"Authorization": f"Bearer {self.api_key}",
"Content-Type": "application/json",
},
timeout=60,
)
...
output_file.write_bytes(audio_bytes)Use only non-sensitive content unless the provider and your organization permit it, and choose an output directory where retained audio files are appropriate.
Users may have less assurance about where the skill came from or which Python dependencies/runtime environment are expected.
The artifact has limited provenance information and no dependency/install declaration, even though code files are present. This does not show malicious behavior, but it reduces reviewability and reproducibility.
Source: unknown Homepage: none ... Install specifications No install spec — this is an instruction-only skill.
Publish a source repository/homepage and add explicit dependency metadata or an install specification.