text-to-speech

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill instructs the user to install the official packages elevenlabs (Python) and @elevenlabs/elevenlabs-js (JS). These are standard dependencies for the service provided.
  • [DATA_EXFILTRATION] (SAFE): Network communication is limited to the official ElevenLabs API endpoint (api.elevenlabs.io). Sensitive data like the ELEVENLABS_API_KEY is handled through environment variables, which is a recommended security practice.
  • [COMMAND_EXECUTION] (SAFE): The references/streaming.md file contains a Python example using subprocess.Popen to call ffplay. This is a legitimate use case for playing streaming audio data, and the command arguments are hardcoded and safe.
  • [PROMPT_INJECTION] (SAFE): No prompt injection patterns or attempts to override agent behavior were detected in the documentation or code snippets.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill processes user-provided text for speech generation, it does not execute this text as logic or feed it back into an agent's decision-making flow in a way that introduces risk.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 04:25 PM