voice
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Interacts with ElevenLabs' official API endpoints for cloud-based voice synthesis and transcription tasks.
- [EXTERNAL_DOWNLOADS]: Fetches pre-trained machine learning models from Hugging Face for local transcription using the mlx-whisper library.
- [COMMAND_EXECUTION]: Invokes macOS system binaries
sayandafplayvia safe subprocess calls to facilitate local text-to-speech and audio playback. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface where audio data is ingested and transcribed into the agent's context.
- Ingestion points: Audio transcription results from
scripts/stt_elevenlabs.pyandscripts/stt_local.py. - Boundary markers: Absent; the transcripts are output as raw strings without delimiters or instructions to ignore embedded commands.
- Capability inventory: Includes the ability to write files, make network requests to ElevenLabs, and execute system commands for audio feedback.
- Sanitization: Transcribed content is not filtered or sanitized before being returned to the agent.
Audit Metadata