← Back to Skills Marketplace

minimax-tokenplan-tts

Name: minimax-tokenplan-tts
Author: 4833675

by k.x. · GitHub ↗ · v1.0.1 · MIT-0

darwinlinuxwin32 ⚠ suspicious

157

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install minimax-tokenplan-tts

Description

Generate speech audio from text using MiniMax speech-2.8-hd model. Supports multiple voice options, speed/pitch/volume control, WAV file output with automati...

Usage Guidance

This skill appears to implement the claimed MiniMax TTS functionality, but take these precautions before installing/using it: - Do NOT paste your API key into the top of the scripts. Instead pass it on the command line or modify the code to read MINIMAX_API_KEY from the environment (safer than hard-coding). - The streaming script disables SSL verification (accepts any certificate). This makes the API key vulnerable to interception on hostile or misconfigured networks. If you plan to use streaming, edit stream_play.py to enable certificate verification (remove the lines that set check_hostname=False and verify_mode=CERT_NONE) or ensure you use a trusted network. - The SKILL.md metadata references a download URL (clawhub.ai) rather than the MiniMax domain; prefer obtaining code from trusted sources or verify the included files' contents. Since the package already includes scripts, prefer using the bundled code rather than invoking any external installer from unknown hosts. - Avoid leaving secrets in code or in version-controlled files. If you must store credentials locally, use environment variables or a secrets manager and confirm the script reads them securely. - Review and test on an isolated environment first (or with a non-production API key) before allowing the agent to call this skill autonomously. If the maintainer can: (1) remove the hard-coded API_KEY placeholder and read MINIMAX_API_KEY from env by default, and (2) enable proper SSL verification in the websocket client, the remaining concerns would be largely addressed and my confidence would increase.

Capability Assessment

ℹ Purpose & Capability

Name/description (MiniMax TTS) align with the included scripts and declared binaries (python3, ffplay) and the single required credential (MINIMAX_API_KEY). Minor inconsistency: the SKILL.md/registry declares MINIMAX_API_KEY as required, but the shipped scripts default to a top-of-file API_KEY constant and only accept an override via --api-key rather than automatically reading the MINIMAX_API_KEY env var — the README even tells the user to edit the scripts to paste the key. This is bad practice but consistent with a simple wrapper script.

⚠ Instruction Scope

SKILL.md instructs the agent/user to obtain the API key and to edit the two scripts directly (paste the key and base URL) and then delete the init section. Encouraging manual insertion of secrets into code files is insecure. The instructions also reference IDENTIY.md (not present in the bundle) and recommend always using streaming playback in webchat — giving the agent a persistent preference but not itself malicious. The scripts perform network calls only to the documented MiniMax endpoints; there is no evidence they read unrelated system files or environment variables. However, stream_play.py explicitly disables SSL certificate verification (ssl.verify_mode = CERT_NONE and check_hostname = False), which weakens transport security and could expose the API key to a man-in-the-middle.

ℹ Install Mechanism

Registry reports no install spec but SKILL.md metadata contains an install entry pointing to https://clawhub.ai/skills/minimax-tokenplan-tts (kind: download). There is no evidence the skill automatically downloads arbitrary code at runtime in the included files, but the presence of a download install URL in metadata (not a well-known release host) is a minor red flag. The actual deliverable is an instruction-only skill with bundled scripts (no opaque remote install required).

⚠ Credentials

Only one credential (MINIMAX_API_KEY) is declared, which is appropriate for a TTS integration. But the scripts do not automatically use the MINIMAX_API_KEY env var — they rely on a hard-coded placeholder and instruct users to embed the key in the scripts or pass --api-key. That increases risk of accidental secret leakage. Additionally, the stream websocket code disables TLS verification, which combined with a bearer token increases the risk of credential exposure via MITM. No other unrelated credentials or config paths are requested.

✓ Persistence & Privilege

The skill does not request always:true and does not try to modify other skills or system-wide settings. It writes TTS output to ~/.openclaw/media/minimax/tts/ (declared filesystem write permission), which is proportional to its purpose. It can be invoked autonomously by the agent (default), which is expected behavior for a skill.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install minimax-tokenplan-tts
After installation, invoke the skill by name or use /minimax-tokenplan-tts
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.1

- Updated skill version to 1.0.1. - Refined the initialization instructions for API Key and BASE_URL: users now need to manually fill both generate.py and stream_play.py, rather than loading from multiple config locations. - Clarified the requirement to confirm network region and voice selection during setup. - No functional code or API changes; only documentation updated for clearer setup steps.

v0.9.2

**Major update: Adds real-time streaming TTS playback feature.** - Added stream_play.py for real-time, low-latency streaming TTS playback via WebSocket and ffplay. - Updated documentation to recommend streaming playback (via stream_play.py) as default for webchat/immediate response scenarios. - Streaming playback starts audio as soon as the first data packet arrives; no file generation needed unless explicitly requested. - ffplay and websockets are now listed as requirements for the streaming feature. - Updated capabilities and metadata to reflect streaming playback and expanded usage notes.

v0.9.1

minimax-tokenplan-tts 0.9.1 - Added CHANGELOG.md file. - Updated homepage metadata URL to point to the official MiniMax API reference. - Bumped version to 0.9.1. - No functional/code changes included.

v0.9.0

- Initial public release of minimax-tokenplan-tts (v0.9.0) - Generates speech audio from text using the MiniMax speech-2.8-hd model - Supports multiple voice options covering 40+ languages and 300+ voices - Provides speed, pitch, and volume control for generated speech - Outputs result in WAV format with automatic HEX decoding - Designed as the preferred tool for all TTS (text-to-speech) requests

Metadata

Slug minimax-tokenplan-tts

Version 1.0.1

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 4

Frequently Asked Questions

What is minimax-tokenplan-tts?

Generate speech audio from text using MiniMax speech-2.8-hd model. Supports multiple voice options, speed/pitch/volume control, WAV file output with automati... It is an AI Agent Skill for Claude Code / OpenClaw, with 157 downloads so far.

How do I install minimax-tokenplan-tts?

Run "/install minimax-tokenplan-tts" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is minimax-tokenplan-tts free?

Yes, minimax-tokenplan-tts is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does minimax-tokenplan-tts support?

minimax-tokenplan-tts is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).

Who created minimax-tokenplan-tts?

It is built and maintained by k.x. (@4833675); the current version is v1.0.1.

More Skills