豆包语音合成 2.0

豆包语音合成 2.0，支持情绪控制、多音色、语音指令。34 种音色可选，含 JARVIS 同款男声。

Things to check before installing/use: - The skill's registry metadata did not list required environment variables, but both SKILL.md and the shipped Python code require VOLCANO_APP_ID and VOLCANO_ACCESS_TOKEN. Don't provide credentials until you confirm this is the intended provider and you trust the package source. - Verify the API endpoint and token format with the official 火山引擎 (Volcano/ByteDance) docs. The code and docs use an unusual 'Bearer; {token}' header format (semicolon + space) — confirm that's required and not a typo that will prompt manual token hacks. - Inspect the included tts_client.py locally (it is provided) before running. The code performs network calls to https://openspeech.bytedance.com and writes audio files under ~/.openclaw/tts_output and reads ~/.openclaw/openclaw.json; ensure you are comfortable with that file access. - Playback uses subprocess.run with system binaries (afplay/aplay/Windows start). Running these is typical but ensure your environment has the expected players; subprocess usage appears to use list form (no shell injection), but you should still inspect the tail of the file (the provided tts_client.py was partially truncated in the scan) to confirm no unexpected shell=True or unescaped concatenation. - If you want least privilege: create a dedicated minimal-volume API key on the provider side (if supported) and test in a sandboxed account before using production credentials. Given the above inconsistencies and the need to handle credentials, proceed with caution and verify the token/header format and the skill's origin before granting credentials or installing into a production agent.

Type: OpenClaw Skill Name: seedtts2 Version: 1.0.0 The skill provides a functional Python client and CLI for Volcengine's SeedTTS 2.0 API. While the logic is aligned with its stated purpose, tts_client.py contains a shell injection vulnerability in the say_and_play method; on Windows, it uses subprocess.run with shell=True on the output file path, which could allow arbitrary command execution if a user provides a crafted filename. No evidence of intentional malice or unauthorized data exfiltration was found, as API credentials are only sent to the official ByteDance endpoint (openspeech.bytedance.com).