Bidirectional Voice Chat System

双向语音对话系统 - 语音识别转文字 + Edge TTS语音合成 + Cloudflare Tunnel公网访问

What to check before installing or running this skill: - Missing scripts: SKILL.md references hotkey_recorder.py, voice_chat_loop.py, chat.py and other runtime components that are not included. Ask the author for the missing files or disable features that call them. Running instructions that reference absent scripts will fail or be misleading. - Public exposure risk: If you enable 'ngrok' / 'cloudflared' modes or set a real domain, generated voice files under ~/.openclaw/workspace/voice_output will become reachable from the Internet. The bundled HTTP server suppresses access logs, so traffic may not be visible locally. Only expose this if you understand who can access the URLs and you are comfortable with voice data being public. - Credentials and tokens: The skill metadata does not declare any credentials, but ngrok/cloudflared require auth tokens (and Cloudflare Tunnel may require zone credentials). Manage those tokens carefully; do not paste them into untrusted code. The skill does not automatically upload data to any remote service in the provided code, but Edge TTS (edge-tts CLI) likely uses an online service — check its privacy policy. - Telemetry / monitoring: daily_monitor.py writes local reports and runs a local test that invokes generate_voice.py. It does not appear to exfiltrate telemetry, but the code refers to ClawHub stats ('需手动从 ClawHub 获取') without automated upload. If you are uncomfortable with local reports under ~/.openclaw/workspace/memory, inspect or remove that script. - Run in a sandbox first: Execute the scripts in a controlled environment (VM/container) to confirm behavior. Inspect generated URLs and verify that public-tunnel steps are manual and require your explicit tokens/configuration before you go public. - Review edge-tts & third-party binaries: edge-tts and 'hear' are third-party programs; verify their source, CLI behavior (whether they send audio/text to external servers), and install them intentionally. The SKILL does recommend fetching hear from GitHub releases — confirm checksums/limits before placing binaries into ~/.local/bin. If you want, I can enumerate the specific missing script names found in the SKILL.md and produce a minimal checklist of commands to safely test the local-only mode (server bound to localhost, no tunnels) in a sandbox.

Type: OpenClaw Skill Name: voice-chat-bridge Version: 1.1.0 The skill is classified as suspicious due to several risky capabilities and potential vulnerabilities, though without clear malicious intent. The `SKILL.md` contains instructions for the AI agent to modify its internal state (`connection` and `habits.json`), which is a form of prompt injection vulnerability. Additionally, the installation instructions in `SKILL.md` for the `hear` tool involve downloading and executing a binary from a remote URL (`curl -LO ... unzip ... cp`), posing a supply chain risk if the source were compromised. Finally, the skill leverages tools like Cloudflare Tunnel and Ngrok to expose local services to the public internet, a powerful capability that, while intended for benign purposes (serving voice files), introduces a significant attack surface if misused or if the exposed service were to become vulnerable.