elevenlabs-stt

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is authorized to execute commands via the infsh CLI tool using the Bash tool. This access is used to run ElevenLabs applications for transcription and alignment on the vendor's platform.
  • [EXTERNAL_DOWNLOADS]: The documentation references external resources for installing the infsh CLI tool and adding related skills from the inference-sh GitHub organization. These references point to the vendor's own infrastructure and tools.
  • [PROMPT_INJECTION]: The skill processes untrusted external audio files and text inputs to generate transcripts. This is an indirect prompt injection surface: instructions embedded in the audio or text content could influence downstream agent actions if the output is processed further.
      • Ingestion points: Audio URLs and text strings provided as inputs to the elevenlabs/stt and elevenlabs/forced-alignment apps in SKILL.md.
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the documentation.
      • Capability inventory: Execution of arbitrary commands using the infsh tool via the Bash tool.
      • Sanitization: There is no mention of sanitization or validation of the transcribed output before it is used in subsequent workflow steps.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 07:32 AM