Trust Assessment
kokoro-tts received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include "User input sent to configurable external API".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | **User input sent to configurable external API.** The skill sends user-provided text input (`args[0]`) directly to an API endpoint defined by the `KOKORO_API_URL` environment variable. While the default is `http://localhost:8880/v1/audio/speech`, this variable can be configured to an arbitrary remote URL. If an attacker can control the `KOKORO_API_URL` environment variable, they can exfiltrate user input by setting it to a malicious server, causing the skill to send sensitive text data to an untrusted destination. Consider restricting the `KOKORO_API_URL` environment variable to a whitelist of trusted domains or requiring explicit user consent/warning if a non-local URL is configured. If the skill is intended only for local use, remove the environment variable configuration option and hardcode `localhost`. If remote access is intended, ensure robust authentication and authorization mechanisms are in place for the `KOKORO_API_URL` endpoint. | LLM | scripts/tts.js:39 |