Shell command execution detected (child_process).
- Code
- suspicious.dangerous_exec
- Location
- speech-provider.ts:268
- Evidence
const proc = spawn(cmd, args, { cwd: params.cwd, env, stdio: ["pipe", "pipe", "pipe"] });
Security audit
Security checks across malware telemetry and agentic risk
This plugin does what it claims: it lets OpenClaw run a user-configured local TTS command and convert the resulting audio.
This appears internally consistent with a local CLI TTS provider. The main thing to understand is that it runs whatever command you configure; only point it at a TTS tool you trust. If you configure a cloud-based TTS CLI or provide API keys in the plugin config, that external tool—not this plugin—may send text/audio to its service. Confidence is medium because the provided speech-provider.ts content was truncated, so reviewing the full source would provide stronger assurance.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.dangerous_exec
const proc = spawn(cmd, args, { cwd: params.cwd, env, stdio: ["pipe", "pipe", "pipe"] });