elevenlabs-voices

Fail

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file config.json contains a hardcoded ElevenLabs API key ('sk_21e560f185f210e29e0f9b471df5a3372d92d2cbb0a23eba').
  • [DATA_EXFILTRATION]: The scripts scripts/tts.py, scripts/sfx.py, and scripts/voice-design.py are configured to read authentication tokens from the external configuration files ~/.openclaw/openclaw.json and /root/.openclaw/openclaw.json.
  • [COMMAND_EXECUTION]: The skill documentation in README.md and SKILL.md instructs users to execute local Python scripts directly using the command line for setup and generation tasks.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface, as it processes untrusted user input for audio generation.
      • Ingestion points: The --text argument in scripts/tts.py and the --prompt argument in scripts/sfx.py.
      • Boundary markers: No protective delimiters or isolation markers are implemented to separate user content from system instructions.
      • Capability inventory: The skill performs authenticated network requests to the ElevenLabs API.
      • Sanitization: Simple regex replacements for pronunciations are present in scripts/tts.py, but the skill lacks comprehensive sanitization or instruction filtering for the synthesized text content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 1, 2026, 05:33 PM