
Security audit

url2podcast

Security checks across malware telemetry and agentic risk

Overview

This skill coherently turns webpage content into a Chinese two-person podcast using a disclosed third-party TTS service and local audio tools.

Install only if you are comfortable sending generated podcast text to the Volcano/ByteDance TTS service with your VOLC credentials. Do not use it on confidential webpages unless that transfer is acceptable, and keep important files out of skills/podcast-maker/workspace because the skill clears that directory on each run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill mandates clearing the workspace directory before every run, but provides no safeguards, confirmation step, or bounded deletion procedure. In an agent setting, this can cause unintended data loss if the cleanup is implemented too broadly, targets the wrong path, or deletes prior outputs the user expected to retain.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The workflow requires sending generated script text and authentication material to an external TTS provider, but nowhere informs the user that content will leave the local environment. This creates privacy and compliance risk, especially if the source webpage or generated podcast contains sensitive, proprietary, or personal information.

External Transmission

Medium
Category
Data Exfiltration
Content
Single-sentence request template (values taken from `lines[i]`):

```bash
curl -sS "https://openspeech.bytedance.com/api/v1/tts" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer;${VOLC_TOKEN}" \
  -d "{
```
Confidence
98% confidence
Finding
curl -sS "https://openspeech.bytedance.com/api/v1/tts" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer;${VOLC_TOKEN}" \ -d

VirusTotal

66/66 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.