Low Risk — Risk Score 15/100
Last scan: 2 days ago
voice-minimax
A skill that generates speech with MiniMax TTS and sends it via Feishu (Lark)
A straightforward voice generation skill with all capabilities declared in documentation; minor issue with placeholder credentials in code.
Skill Name: voice-minimax
Duration: 23.8s
Engine: pi
Safe to install
This skill is safe to use. Consider documenting that users should never commit actual API keys to version control.

Findings (2 items)

[Low] API key placeholder in inline code (SKILL.md:23)
The MiniMax API key is embedded as a string literal '你的MiniMax API Key' (Chinese for "your MiniMax API Key") in the Python code. While the documentation says it must be replaced, storing credentials inline is poor security hygiene.
    MINIMAX_KEY = '你的MiniMax API Key'
→ Recommendation: document that users should supply credentials via environment variables or a config file rather than inline strings.

[Low] Lark user ID hardcoded (SKILL.md:42)
The Feishu user ID is also a placeholder in the documentation, which is acceptable but could be moved to configuration.
    --user-id 飞书用户ID
→ Recommendation: allow the user ID to be configured via an environment variable or a command-line argument.
Resource     | Declared | Inferred | Status    | Evidence
Network      | READ     | READ     | ✓ Aligned | SKILL.md:31: urllib.request to api.minimaxi.com
Shell        | WRITE    | WRITE    | ✓ Aligned | SKILL.md:24-45: ffmpeg, cp, lark-cli commands
Filesystem   | WRITE    | WRITE    | ✓ Aligned | SKILL.md:36-37: writes to /tmp/voice.mp3 and ./voice.opus
Environment  | NONE     | NONE     |           | No environment variable access detected
Skill Invoke | NONE     | NONE     |           | No skill invocation detected
Clipboard    | NONE     | NONE     |           | No clipboard access detected
Browser      | NONE     | NONE     |           | No browser access detected
Database     | NONE     | NONE     |           | No database access detected
External URLs (1 finding)

[Medium] External URL (SKILL.md:31)
    https://api.minimaxi.com/v1/t2a_v2

File Tree

1 file · 2.2 KB · 89 lines
Markdown: 1 file · 89 lines
└─ SKILL.md (Markdown, 89 lines, 2.2 KB)

Security Positives

✓ All shell commands (ffmpeg, cp, lark-cli) are explicitly declared in SKILL.md
✓ No hidden functionality or undocumented code execution
✓ No credential harvesting or data exfiltration detected
✓ No base64 encoding, eval(), or other obfuscation techniques
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ Single-purpose tool with clear, auditable workflow
✓ No external script downloads (curl|bash pattern absent)
✓ Filesystem operations are limited to documented /tmp/ and ./ directories