No standalone ToS or privacy policy exists for voicebox.sh itself, and the unauthenticated localhost REST API poses a real risk if exposed on shared or networked machines — address both before any team or production use.
No ToS or privacy policy is published at voicebox.sh or in the repository. The MIT licence covers code redistribution only, not data handling or end-user rights; this gap is unacceptable for any organisational deployment.
The REST API (port 17493) is unauthenticated by default with no API-key or auth layer documented; any process or user on the same machine or network segment can submit generation requests or enumerate stored voice profiles.
Voice data and generated audio stay local by default: SECURITY.md explicitly states that audio never leaves the machine unless remote-server mode is enabled. This is a genuine privacy strength for personal use.
The project is at v0.4.x (released April 2026), is under active development with 237+ commits and 22 releases since January 2026, and carries known open stability issues (49 open GitHub issues as of April 2026); it is not yet production-grade.
The tool relies on Alibaba's Qwen3-TTS and other third-party models downloaded from HuggingFace at first run; users inherit the licence terms of each model (including Qwen's licence, which permits commercial use subject to Alibaba's terms) and must review those separately.
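How far the unauthenticated API on port 17493 is exposed depends on which address its listener is bound to. The following is an added example, not Voicebox's own code: a Python check that classifies listeners on that port from `ss -H -ltn` output. The sample output and all function names are constructed for illustration.

```python
import ipaddress

VOICEBOX_PORT = 17493  # API port named on this page

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 128 127.0.0.1:17493 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::1]:17493 [::]:*
LISTEN 0 128 *:17493 *:*
LISTEN 0 128 192.168.1.20%eth0:17493 0.0.0.0:*
"""

def split_local(field):
    """Split an ss 'Local Address:Port' field into (host, port)."""
    host, _, port = field.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    return host, int(port)

def classify(host):
    """Return 'loopback', 'wildcard' or 'network' for a bind address."""
    if host in ("*", ""):
        return "wildcard"
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "loopback"
    if addr.is_unspecified:
        return "wildcard"
    return "network"

def audit(ss_output, port=VOICEBOX_PORT):
    """List (bind_address, exposure) for every listener on the port."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        host, lport = split_local(cols[3])
        if lport == port:
            findings.append((host, classify(host)))
    return findings

def reachable_off_host(findings):
    """True if any listener accepts connections from other machines."""
    return any(kind != "loopback" for _, kind in findings)

if __name__ == "__main__":
    for host, kind in audit(SAMPLE_SS):
        print(f"{host}:{VOICEBOX_PORT} -> {kind}")
```

A loopback-only result rules out access from other hosts only; with no auth layer, every local process and user on a shared machine can still reach the API.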