Skills
skills/inference-sh/agent-skills/elevenlabs-tts/Gen Agent Trust Hub

elevenlabs-tts

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-provided text for speech synthesis, creating a potential surface for indirect prompt injection where malicious instructions could be embedded in the text to be spoken.
  • Ingestion points: The text to be converted to speech is ingested via the --input JSON parameter in the infsh app run command.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the documentation.
  • Capability inventory: The skill uses the Bash(infsh *) tool to execute commands.
  • Sanitization: There is no evidence of input sanitization or validation for the text being processed.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation directs users to download and execute scripts or add additional skills from the author's external repositories.
  • Evidence: Provides a link to a CLI installation script hosted on GitHub (inference-sh/skills) and suggests adding related skills using the npx skills add command, which fetches content from the author's registry.
  • [COMMAND_EXECUTION]: The skill relies on the execution of the infsh CLI tool through the Bash shell to perform its primary function of text-to-speech generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 01:40 AM