← Back to Skills Marketplace

Xiaomi MiMo TTS

Name: Xiaomi MiMo TTS
Author: jazzqi

by jazzqi · GitHub ↗ · v1.2.5 · MIT-0

cross-platform ⚠ suspicious

384

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install xiaomi-mimo-tts

Description

使用小米 MiMo TTS (mimo-v2-tts) 生成语音。支持多种音色、风格控制、情感标签和方言。需要 MIMO_API_KEY。

Usage Guidance

This skill's code appears to do exactly what it claims: call Xiaomi MiMo's TTS API and save audio. However the registry metadata omits the fact that an API key (XIAOMI_API_KEY or MIMO_API_KEY) is required and does not list required binaries (curl/ffmpeg/node/python). Before installing: 1) Verify the skill source / owner and prefer skills with a public homepage or repo. 2) Do not provide your production API key until you trust the owner — test with mock mode or a throwaway key first (scripts support mock behavior when the key is absent). 3) Expect the skill to make HTTPS POSTs to api.xiaomimimo.com and write audio files under SKILL_OUT or /tmp; ensure that is acceptable. 4) Consider running the scripts in a restricted environment (container) and inspect network traffic if you need higher assurance. 5) If you maintain the registry entry, update metadata to declare XIAOMI_API_KEY / MIMO_API_KEY and required binaries so agents/users are correctly informed.

Capability Analysis

Type: OpenClaw Skill Name: xiaomi-mimo-tts Version: 1.2.5 The skill contains a potential code injection vulnerability in 'scripts/base/mimo-tts.sh', where the '$TEXT' variable is interpolated directly into a Python heredoc using triple quotes. This allows for arbitrary Python code execution if the input text contains a sequence that breaks out of the string literal (e.g., triple quotes followed by malicious commands). While the bundle's primary logic for interacting with the Xiaomi MiMo TTS API (api.xiaomimimo.com) appears legitimate and well-documented across Shell, Node.js, and Python implementations, this lack of input sanitization in the wrapper script constitutes a high-risk vulnerability.

Capability Assessment

⚠ Purpose & Capability

The skill's name/description and code implement Xiaomi MiMo TTS and legitimately need an API key and tools like ffmpeg/curl/node/python for full functionality. However the registry metadata claims no required environment variables or primary credential while SKILL.md and scripts explicitly require XIAOMI_API_KEY or MIMO_API_KEY. That metadata omission is an incoherence that can mislead users/agents about what secrets will be used.

ℹ Instruction Scope

SKILL.md and scripts instruct the agent to analyze conversation context and call local scripts which then POST to the MiMo API and decode returned base64 audio. This stays within the declared purpose (TTS). The agent will be asked to run shell/node/python code and write audio files to SKILL_OUT or /tmp; there is no instruction to read unrelated system files or exfiltrate arbitrary data beyond the MiMo API. The 'smart' mode heuristics let the agent choose styles automatically — this is scope-appropriate but gives the agent broad discretion over output style selection (documented as optional).

✓ Install Mechanism

No install spec is provided (instruction-only from registry perspective), and the bundle includes plain scripts. There are no external downloads or URL-based installs in the package. Risk from install mechanism is low, though installing the skill will place these scripts on disk and they will be executable.

⚠ Credentials

The code requires one credential (XIAOMI_API_KEY, with backward-compat MIMO_API_KEY) to call the MiMo API — that is proportionate. The problem: the registry metadata declares no required env vars or primary credential. Additionally README and scripts mention dependencies (curl, ffmpeg, node, python3, jq usage in shell) but the registry does not list required binaries. The missing metadata could cause an agent to run the skill without knowing a secret is needed or where network calls go.

✓ Persistence & Privilege

The skill does not request 'always:true' or attempt to modify other skills or system-wide configs. It creates outputs under SKILL_OUT or /tmp and sources a local _env.sh; nothing indicates elevated or permanent privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install xiaomi-mimo-tts
After installation, invoke the skill by name or use /xiaomi-mimo-tts
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.2.5

Refactor + stability: unified implementations; robust error handling; dry-run; ffmpeg checks; smart-mode opt-in.

v1.2.4

Refactor + stability: unified implementations; robust error handling; dry-run; ffmpeg checks; smart-mode opt-in.

v1.2.3

添加河南方言支持：在所有智能版本中添加河南方言关键词检测，优化方言识别准确率

v1.2.2

增加多语言智能版本支持：重构为统一入口，新增Python和Shell智能版，自动选择最佳实现；更新文档

v1.3.1

Version 1.3.1 - 增加多种智能脚本：新增 NodeJS、Python、Shell 三种 `mimo_tts_smart` 智能实现，支持自动分析文本并选择最佳风格。 - 提供统一入口脚本 `mimo-tts-smart.sh`，自动优先调用 NodeJS→Python→Shell，增强兼容与易用性。 - SKILL.md 文档同步更新，详述各脚本用法、功能特点及自动分析能力。 - 支持多语言环境与更丰富的自动风格判断场景。

v1.3.0

xiaomi-mimo-tts 1.3.0 - 简化和更新使用文档，强调 Agent 需主动判断对话内容选择合适风格 - 精简/优化风格、情感和方言描述及示例 - 移除 scripts/mimo_tts_smart.js，删去相关复杂说明与脚本说明 - 明确 Agent 使用原则和判断标准，便于理解和应用 - 更新 API Key 获取方式与环境变量配置说明

v1.2.1

- Minor update to scripts/mimo_tts_smart.js with no user-facing changes. - Documentation and usage information remain unchanged.

v1.2.0

Version 1.2.0 introduces smart style detection: - 新增“智能风格检测”功能，自动分析文本内容并选择合适的情感、方言、语速与风格 - 文档增加了关于情感、方言、内容类型等智能识别说明 - 增加 scripts/mimo_tts_smart.js 脚本 - 增加 _meta.json 元数据文件

v1.1.2

- No file changes detected in this version. - No updates or new features have been introduced. - Functionality and documentation remain unchanged from the previous version.

v1.1.1

- Added JavaScript script: scripts/mimo_tts.js - Updated documentation in README.md with minor changes and improvements

v1.1.0

- Added a new Python script: scripts/mimo_tts.py for generating speech using Xiaomi MiMo TTS. - Updated documentation in README.md to include usage instructions for the new Python script.

v1.0.2

- Expanded voice synthesis features: now supports multiple voice types, detailed style control, and fine-grained emotional and prosody tags. - Updated documentation (SKILL.md, README.md) with comprehensive usage examples, including advanced style and tag options. - Added new script usage examples and introduced a Python script for TTS synthesis. - Clarified requirements, environment variables, and testing instructions in the documentation.

v1.0.1

- Updated skill name to "xiaomi-mimo-tts" in documentation. - Clarified branding and naming as "小米 MiMo TTS" throughout. - No changes to core functionality; documentation improvement only.

v1.0.0

Initial release of mimo-tts skill. - Integrates Xiaomi MiMo TTS (mimo-v2-tts) for Chinese text-to-speech conversion. - Requires MIMO_API_KEY environment variable. - Simple CLI usage with provided script. - Defaults to zh-CN-XiaoxiaoNeural (female Chinese voice).

Metadata

Slug xiaomi-mimo-tts

Version 1.2.5

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 14

Frequently Asked Questions

What is Xiaomi MiMo TTS?

使用小米 MiMo TTS (mimo-v2-tts) 生成语音。支持多种音色、风格控制、情感标签和方言。需要 MIMO_API_KEY。 It is an AI Agent Skill for Claude Code / OpenClaw, with 384 downloads so far.

How do I install Xiaomi MiMo TTS?

Run "/install xiaomi-mimo-tts" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Xiaomi MiMo TTS free?

Yes, Xiaomi MiMo TTS is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Xiaomi MiMo TTS support?

Xiaomi MiMo TTS is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Xiaomi MiMo TTS?

It is built and maintained by jazzqi (@jazzqi); the current version is v1.2.5.

More Skills