Security audit

Gemini Tts

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Gemini text-to-speech skill, with normal cloud API privacy and API-key considerations.

Install only if you are comfortable providing a Gemini API key and sending the text you want spoken to Google Gemini. Avoid using it with secrets, private prompts, or regulated data, and do not rely on the --voice/persona option until the script is updated to actually honor it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding:
The skill documentation indicates it uses an API key from the environment and makes network calls, but it does not declare any permissions for those capabilities. This creates a transparency and trust problem: an agent or user may invoke the skill without realizing it can exfiltrate prompt content to an external service or access sensitive environment data such as GEMINI_API_KEY.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The script transmits arbitrary user-provided text to an external third-party TTS service with no in-code warning, consent prompt, or data handling notice. In a skill context, users may provide sensitive prompts or secrets, so silent transmission off-host creates a real privacy and compliance risk even if the destination is legitimate.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.