Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OmniVoice
v1.0.0
All-in-one voice identity toolkit: speaker identification, voice library management, voice cloning, and speech-to-text. The only OpenClaw skill with speaker...
by Yang Qibin @yangqibin-caibi
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Functionality (speaker ID, library management, cloning, Feishu delivery) matches the included scripts. However the registry metadata claims no required environment variables while the SKILL.md and scripts require SF_API_KEY for SiliconFlow and FEISHU_APP_ID/FEISHU_APP_SECRET for sending audio. That omission is an incoherence in declared purpose/requirements: the skill legitimately needs those secrets for cloning and Feishu sending, but the package metadata does not declare them.
Instruction Scope
SKILL.md stays largely within the stated domain (local voice refs, transcribe, identify, clone). Two points to watch: (1) it instructs manual edits to SPEAKER_MAP inside scripts/voice_identify.py to register speakers (i.e., modify the skill's code to add speakers), which is unusual and grants the agent or user permission to change shipped code; (2) voice cloning sends reference audio (possibly private) to an external API (SiliconFlow) which is necessary for cloning but is a privacy/exfiltration risk. The skill also downloads a ~360MB model to /tmp on first run (resource/disk considerations).
Install Mechanism
This is instruction-only (no automated install spec). Dependencies are standard for the tasks (whisper/transformers/librosa/ffmpeg). No installers or external arbitrary downloads beyond model weights from HuggingFace (expected for UniSpeech-SAT).
Credentials
The skill requires SF_API_KEY (SiliconFlow) and Feishu credentials (FEISHU_APP_ID and FEISHU_APP_SECRET) according to the SKILL.md and scripts, but the registry metadata lists no required env vars. Requiring third-party API keys is proportionate to voice cloning and Feishu message sending, but the metadata omission is misleading. Also, sending reference audio to an external service (SiliconFlow) means sensitive audio data will leave your environment — request for SF_API_KEY and choice of endpoint should be evaluated before use.
Persistence & Privilege
always:false and no OS restrictions — the skill does not request permanent, universal inclusion. It will write files into workspace directories (voice-refs/, TOOLS.md) and may modify its own SPEAKER_MAP if the user follows the instructions; these are local operations and not system-wide privilege escalations. No indication it modifies other skills or global agent config.
What to consider before installing
Key things to consider before installing/using OmniVoice:
- Metadata mismatch: The registry metadata claims no required env vars, but the skill requires SF_API_KEY for the SiliconFlow cloning API and FEISHU_APP_ID/FEISHU_APP_SECRET to send messages to Feishu. Confirm you are comfortable providing those secrets and update metadata expectations.
- Privacy risk: Voice cloning sends reference audio (base64 or a remote URL) to https://api.siliconflow.cn. Any audio you provide (including recordings of other people) will be transmitted to that third party. Do not upload recordings you do not have permission to share. Review SiliconFlow's privacy/TOS before use.
- Manual code edits: The documentation instructs you to register speakers by editing SPEAKER_MAP in scripts/voice_identify.py. This means the workflow relies on modifying source files — consider instead keeping references in a separate metadata file to avoid altering shipped code, or be aware that the skill expects write access to its own files.
- Resource use: The speaker-identification model downloads ~360MB to /tmp on first run and requires CPU/GPU resources; ensure your runtime environment has sufficient disk and compute.
- Feishu integration: The provided shell script will exchange your FEISHU_APP_ID/SECRET for a tenant token and upload audio. Limit credential scope for the app and confirm you trust the destination Feishu tenant.
- Operational safety: If you need to evaluate the skill, run it in an isolated/sandboxed environment, inspect network traffic to confirm where audio is uploaded, and avoid giving production credentials until you trust the behavior.
If you want, I can: (1) list the exact environment variables and commands you must run to test the skill safely in a sandbox, (2) suggest a safer workflow that avoids editing code (store speaker metadata in TOOLS.md and read it at runtime), or (3) help craft a minimal wrapper that blocks external uploads for local-only testing.
scripts/voice_identify.py:87
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
