text-to-speech

SUSPICIOUS. The skill’s core behavior matches its text-to-speech purpose and its tool scope is narrow, but it relies on a non-registry external CLI installed via pipe-to-shell and promotes transitive installation of other skills. There is no clear evidence of malicious intent or off-purpose credential theft, but the supply-chain trust model is materially riskier than a normal documentation-only skill.