Scan Report
10/100
character-voice-broadcast
Convert plain text into TTS-ready, persona-driven spoken content using SenseAudio API
A straightforward TTS wrapper skill with no malicious behavior; all declared capabilities match implementation and no hidden functionality was found.
Safe to install
No action required. The skill is safe to use. Optionally pin the requests/urllib dependencies to mitigate supply-chain risks in future.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | scripts/senseaudio_tts.py:52 urllib.request.urlopen(build_request(...)) |
| Filesystem | WRITE | WRITE | ✓ Aligned | scripts/senseaudio_tts.py:75 save_bytes(args.output, audio_bytes) |
| Environment | READ | READ | ✓ Aligned | scripts/senseaudio_tts.py:35 os.environ.get('SENSEAUDIO_API_KEY') |
| Shell | NONE | NONE | — | No subprocess or shell execution found |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
| Skill Invoke | NONE | NONE | — | No recursive skill invocation |
1 finding
Medium: External URL
https://api.senseaudio.cn/v1/t2a_v2 (SKILL.md:86)
File Tree
5 files · 13.3 KB · 464 lines
Markdown 3f · 318L
Python 1f · 142L
YAML 1f · 4L
├─ agents
│ └─ openai.yaml (YAML)
├─ references
│ ├─ senseaudio-api.md (Markdown)
│ └─ voice-broadcast-templates.md (Markdown)
├─ scripts
│ └─ senseaudio_tts.py (Python)
└─ SKILL.md (Markdown)
Dependencies 2 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| urllib | stdlib | Python 3 standard library | No | Used for HTTP POST; no external dependency |
| argparse | stdlib | Python 3 standard library | No | CLI argument parsing only |
Security Positives
✓ SKILL.md and scripts/senseaudio_tts.py are fully consistent — every declared capability is present in code
✓ No subprocess, shell execution, or system command calls found
✓ No credential exfiltration — API key is used only for the declared API call
✓ No base64-encoded or obfuscated payloads
✓ No sensitive path access (~/.ssh, ~/.aws, .env beyond declared vars)
✓ Audio response parsing is defensive (hex, base64, URL download) but entirely within documented scope
✓ No persistence mechanisms (cron, startup scripts, registry hooks)
✓ No hidden HTML comments or steganographic instructions
✓ No supply-chain issues detected — standard library only (argparse, base64, json, os, sys, urllib)