sherpa-onnx-tts
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Retrieves platform-specific runtime binaries and Piper voice models from the official sherpa-onnx repository on GitHub during the installation phase.
- [COMMAND_EXECUTION]: Executes the downloaded offline text-to-speech binary via spawnSync, using an argument array to safely pass the synthesis text and output path without risk of shell injection.
- [COMMAND_EXECUTION]: Dynamically adjusts process environment variables including PATH, LD_LIBRARY_PATH, and DYLD_LIBRARY_PATH to include the local runtime and library directories required for the binary to function correctly.
Audit Metadata