← Back to Skills Marketplace

wevoicereply

Name: wevoicereply
Author: zhairen

by zhairen · GitHub ↗ · v1.0.3

linux ⚠ suspicious

792

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install wevoicereply

Description

【自动化语音合成与推送链路】当用户要求语音回复、读一下或发声时，必须严格执行以下三步，严禁跳步： ### 第一步：文案生成 (Prompt A) 根据上下文生成自然、温暖的口语化文本。请在长句子中加入中文逗号 `，` 以确保音频合成时有自然的停顿。 ### 第二步：音频合成 (执行 voice_reply_s...

Usage Guidance

This skill will run an included Python script that: (1) may re-exec into /root/pythonenv if present, (2) expects a Piper model at /root/models/..., (3) writes generated audio into /opt/1panel/www/sites/voice.robotmusk.com/index and returns URLs under https://voice.robotmusk.com, and (4) calls ffmpeg-amr (code) though metadata says ffmpeg. Before installing or using: - Confirm you control the target BASE_URL and that the OUTPUT_DIR is appropriate and writable by the agent; otherwise the returned URLs may be invalid or expose files publicly. - Be cautious about the hard-coded /root paths; if those paths exist the script will switch interpreters which may run with elevated privileges. - Verify that the required Piper Python module and the specific ffmpeg binary are installed (and whether ffmpeg-amr vs ffmpeg is available). - Prefer changes before use: make TARGET_PYTHON, PIPER_MODEL, OUTPUT_DIR, FFMPEG_BIN and BASE_URL configurable via environment variables; use a secure temporary output directory by default; avoid execv into root-owned interpreters. - If you do not control the domain voice.robotmusk.com or the system webroot path, do not install/run this skill as-is. These inconsistencies could be sloppy engineering or deployment-specific assumptions — treat it as suspicious until addressed.

Capability Analysis

Type: OpenClaw Skill Name: wevoicereply Version: 1.0.3 The skill is classified as suspicious due to a critical shell injection vulnerability identified in the `SKILL.md` file. The `command` definition `python3 {{path}}/voice_reply_skill.py '{{text}}'` encloses the `{{text}}` parameter in single quotes, which can be escaped by a malicious user input containing a single quote, allowing arbitrary shell commands to be executed on the host system. While the `voice_reply_skill.py` script itself uses `subprocess.run` with lists for its internal commands (Piper TTS and FFmpeg), making those specific calls safer, the initial invocation of the Python script is vulnerable to this injection.

Capability Assessment

⚠ Purpose & Capability

The skill's stated purpose (generate TTS and return a URL) is plausible, but the implementation hard-codes system-specific paths (TARGET_PYTHON=/root/pythonenv, PIPER_MODEL=/root/models/..., OUTPUT_DIR=/opt/1panel/...), and a BASE_URL (https://voice.robotmusk.com). These expectations tie the skill to a particular server layout and elevated directories rather than working generically. Also the metadata/README require 'ffmpeg' but the code invokes 'ffmpeg-amr' and expects 'piper' as a Python module; these mismatches are not justified by the description.

ℹ Instruction Scope

SKILL.md limits the agent to a three-step flow and instructs calling the included Python script then sending the returned URL via default_api.message. That scope is reasonable, but SKILL.md does not document the script's hard-coded filesystem and interpreter requirements (root pythonenv, model path, webroot). The SKILL.md claims the script will 'upload' and return a URL, but in reality the script writes files into a local webroot path and synthesizes a URL using a hard-coded BASE_URL — this implicit hosting assumption is not surfaced in the instructions.

✓ Install Mechanism

This is an instruction-only skill with no install spec; nothing is written to disk during install. That is lower risk. However the runtime expects external components (piper module, a specific ffmpeg binary) to already exist.

⚠ Credentials

The skill declares no required env vars or credentials but the code requires filesystem write access to /opt/1panel/..., reads a model at /root/models/..., and will exec into /root/pythonenv if present. Requesting filesystem permissions (see _meta.json) is consistent, but the specific hard-coded privileged paths are disproportionate to a generic TTS helper and could cause unexpected privilege/use-of-root behavior. BASE_URL points to an external domain; the script will return a URL tied to that domain even if the host isn't actually serving it.

⚠ Persistence & Privilege

The skill is not 'always:true' and won't auto-install, but at runtime it writes audio files into a system webroot and requires filesystem permission. Writing into /opt/... and switching interpreters is an elevated filesystem footprint beyond a minimal temp-file approach. It does not modify other skills, but the filesystem access requested and hard-coded locations increase the blast radius if misconfigured.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install wevoicereply
After installation, invoke the skill by name or use /wevoicereply
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.3

- 发送语音到微信 - Added a new documentation file: readme.md. - Updated and streamlined the skill description for clearer execution steps. - Adjusted command metadata to directly bind the skill to voice_reply_skill.py for better clarity. - Improved parameter documentation and shell command handling detail. - Added section on system/environment requirements and script execution details.

v1.0.1

Version 1.0.0 - Introduced a mandatory three-step process for handling voice replies: generate text, synthesize audio, and send via default_api.message. - Enforced strict JSON formatting and parameter handling for audio synthesis to reduce errors. - Updated instructions to ensure the voice message is always sent to "@all" in relevant groups. - Added troubleshooting guidance for common JSON and execution issues. - Clarified workflow and provided usage examples for better user guidance.

v1.0.0

- Initial release of wevoicereply skill. - Converts text to voice using local Piper TTS engine. - Outputs AMR audio files compatible with WeCom (企业微信). - Fully offline processing — no external APIs required. - Auto-invokes for scenarios favoring voice, such as greetings or poetry reading.

Metadata

Slug wevoicereply

Version 1.0.3

License —

All-time Installs 0

Active Installs 0

Total Versions 3

Frequently Asked Questions

What is wevoicereply?

【自动化语音合成与推送链路】当用户要求语音回复、读一下或发声时，必须严格执行以下三步，严禁跳步： ### 第一步：文案生成 (Prompt A) 根据上下文生成自然、温暖的口语化文本。请在长句子中加入中文逗号 `，` 以确保音频合成时有自然的停顿。 ### 第二步：音频合成 (执行 voice_reply_s... It is an AI Agent Skill for Claude Code / OpenClaw, with 792 downloads so far.

How do I install wevoicereply?

Run "/install wevoicereply" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is wevoicereply free?

Yes, wevoicereply is completely free (open-source). You can download, install and use it at no cost.

Which platforms does wevoicereply support?

wevoicereply is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux).

Who created wevoicereply?

It is built and maintained by zhairen (@zhairen); the current version is v1.0.3.

More Skills