eachlabs-voice-audio
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): Category 8: Indirect Prompt Injection surface. The skill is designed to ingest and process data from external URLs, which could contain malicious instructions or unexpected content types designed to influence agent behavior.
- Ingestion points: Multiple parameters including
media_url,audio_url,file_url, andcustom_rvc_model_download_urlinSKILL.md. - Boundary markers: Absent. The skill does not provide delimiters or instructions to treat remote content as untrusted data.
- Capability inventory: Network operations (POST/GET) to
api.eachlabs.ai. - Sanitization: Absent. While the skill includes a 'Security Constraints' warning against arbitrary URLs, it provides no technical mechanism for validation or sanitization of these inputs.
- [COMMAND_EXECUTION] (MEDIUM): The documentation provides
curlcommand templates for API interaction. If an agent constructs these shell commands using unsanitized user inputs for text or URL parameters, it could lead to command injection or shell escape vulnerabilities. - [DATA_EXFILTRATION] (LOW): The skill transmits user-provided text, audio, and video data to
api.eachlabs.ai, which is a non-whitelisted third-party domain. While expected for the skill's functionality, it constitutes external data transmission. - [EXTERNAL_DOWNLOADS] (LOW): The skill facilitates the download of external resources (media files and RVC models) from non-whitelisted remote servers via the EachLabs infrastructure.
Audit Metadata