Suspicious — Risk Score 55/100
Last scan: 1 day ago
lessac_offline_voice_system
Local voice system for OpenClaw using faster-whisper and Edge TTS
The skill claims 'fully offline' with 'no data leaves your machine,' but actually uses edge-tts which transmits audio/text to Microsoft cloud servers - a significant doc-to-code mismatch indicating potential data exfiltration.
Skill Name: lessac_offline_voice_system
Duration: 40.8s
Engine: pi
Use with caution
Do not use this skill. It misrepresents its network behavior, sending voice data to Microsoft's servers despite claiming complete offline operation. If a local TTS solution is needed, use a self-hosted Piper TTS instead.

Findings (4 items)

Severity | Finding | Location
High | False claim of offline operation (Doc Mismatch) | SKILL.md:7
SKILL.md explicitly states 'Fully offline: No internet connection required', 'Privacy-focused: All processing happens locally' and 'No data leaves your machine'. However, the implementation uses 'edge-tts', Microsoft's cloud TTS service, which sends the text to be spoken to Microsoft servers.
**Fully offline**: No internet connection required
**Privacy-focused**: All processing happens locally
**No data leaves your machine**.
→ Either remove the edge-tts dependency and use local Piper TTS only, or update documentation to clearly disclose cloud dependency and data transmission.
High | Audio data transmitted to Microsoft cloud (Data Exfil) | scripts/install.sh:85
The edge-tts package (installed in install.sh:85) makes HTTPS requests to Microsoft servers to generate TTS audio. This means user-provided text and any processed audio are sent to external servers, contradicting the skill's privacy claims.
pip install faster-whisper edge-tts soundfile
→ Remove edge-tts dependency if true offline operation is required. Use only self-hosted Piper TTS.
Medium | Unpinned Python package versions (Supply Chain) | scripts/install.sh:85
Python packages are installed without version constraints: 'pip install faster-whisper edge-tts soundfile'. This leaves the installation exposed to dependency substitution attacks.
pip install faster-whisper edge-tts soundfile
→ Pin versions: pip install faster-whisper==X.Y.Z edge-tts==X.Y.Z soundfile==X.Y.Z
Low | subprocess with shell=True (RCE) | scripts/voice_handler.py:39
voice_handler.py uses subprocess.run with shell=True to execute ffmpeg. While the ffmpeg commands are typically static, shell=True introduces a command injection risk if audio filenames are user-controlled.
subprocess.run(cmd, shell=True, check=True)
→ Use subprocess.run with shell=False and pass arguments as a list for safer execution.
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | WRITE | ✓ Aligned | install.sh:100 - Creates config files, copies scripts to $INSTALL_DIR
Network | NONE | WRITE | ✗ Violation | SKILL.md claims offline, but edge-tts sends data to Microsoft servers
Shell | NONE | WRITE | ✓ Aligned | voice_handler.py:39 - Uses subprocess for ffmpeg (documented CLI tool)
External URLs (5 findings)

Severity | Type | URL | Location
Medium | External URL | https://huggingface.co/rhasspy/piper-voices/resolve/v1.0.0/en/en_US/lessac/high/en_US-lessac-high.onnx | README.md:75
Medium | External URL | https://huggingface.co/rhasspy/piper-voices/resolve/v1.0.0/en/en_US/lessac/high/en_US-lessac-high.onnx.json | README.md:76
Medium | External URL | https://huggingface.co/rhasspy/piper-voices | SKILL.md:165
Medium | External URL | https://huggingface.co/rhasspy/piper-voices/resolve/v1.0.0/en/en_US/ryan/high/en_US-ryan-high.onnx | references/voice_models.md:57
Medium | External URL | https://huggingface.co/rhasspy/piper-voices/resolve/v1.0.0/en/en_US/ryan/high/en_US-ryan-high.onnx.json | references/voice_models.md:58

File Tree

8 files · 39.9 KB · 1419 lines
Markdown: 3 files, 592 lines · Python: 3 files, 422 lines · Shell: 2 files, 405 lines
├─ 📁 references
│ └─ 📝 voice_models.md Markdown 154L · 4.7 KB
├─ 📁 scripts
│ ├─ 🔧 install.sh Shell 247L · 6.5 KB
│ ├─ 🐍 piper_tts.py Python 109L · 3.5 KB
│ ├─ 🐍 test_skill.py Python 192L · 5.6 KB
│ ├─ 🐍 voice_handler.py Python 121L · 4.2 KB
│ └─ 🔧 voice_integration.sh Shell 158L · 4.4 KB
├─ 📝 README.md Markdown 205L · 5.1 KB
└─ 📝 SKILL.md Markdown 233L · 5.9 KB

Dependencies (3 items)

Package | Version | Source | Known Vulns | Notes
faster-whisper | * | pip | No | Version not pinned
edge-tts | * | pip | No | Version not pinned - Microsoft cloud service
soundfile | * | pip | No | Version not pinned

Security Positives

✓ No evidence of credential harvesting from environment variables
✓ No base64-encoded payloads or obfuscated code
✓ No reverse shell or direct C2 communication detected
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files
✓ Python code is readable and auditable
✓ Dependencies come from standard, well-known packages (faster-whisper, piper-tts)