tencent-tts
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The core logic in scripts/tencent_tts.py interacts exclusively with the official Tencent Cloud API endpoint (tts.tencentcloudapi.com) using standard HTTPS requests. All communication is authenticated via the legitimate Tencent Cloud API v3 signature process.
- [SAFE]: The skill adheres to security best practices for handling sensitive data by utilizing environment variables (TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY) instead of hardcoding credentials. The included config_template.py further assists users in setting up their environment securely.
- [SAFE]: No patterns of prompt injection, data exfiltration, or obfuscation were detected. The skill's functionality matches its described purpose of converting text to speech.
- [SAFE]: External dependencies are limited to common development and testing packages such as pytest, black, and sphinx, which pose no security risk to the agent environment.
Audit Metadata