ttsCN
Warn
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill frequently uses the
subprocessmodule to execute system commands for audio processing. Scripts includingazure.py,baidu.py,cosyvoice.py,doubao.py,edge.py,minimax.py,tencent.py, andxunfei.pycallffmpegto concatenate audio chunks and resample files, andffprobeto extract duration metadata. TheSKILL.mdalso instructs the agent to use theopencommand to launch a local HTML document in the user's browser.\n- [REMOTE_CODE_EXECUTION]: The skill utilizes dynamic code loading to initialize backend-specific logic. Inscripts/backends/__init__.py, theinit_backendandget_synthesize_funcfunctions use__import__andimport_modulewith module paths determined by configuration data indata/providers.json. This approach allows the skill to load only the necessary provider implementations at runtime based on user selection.\n- [EXTERNAL_DOWNLOADS]: The skill depends on various external Python SDKs and libraries to interact with TTS provider APIs. It references packages such asedge-tts,dashscope,azure-cognitiveservices-speech,tencentcloud-sdk-python-tts,baidu-aip, andwebsocket-client. These dependencies are sourced from established tech organizations including Microsoft, Alibaba, Tencent, Baidu, and ByteDance, and are used solely for fulfilling the primary TTS synthesis purpose.
Audit Metadata