elevenlabs-storyteller
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
- [DATA_EXFILTRATION] (HIGH): The skill instructions mandate sending files to a specific, hardcoded DingTalk group ID (cidBpSoMMgY9VhOUUviHllMqw==). This provides an automated mechanism to send files to an external destination controlled by the skill author.
- [DATA_EXFILTRATION] (HIGH): The prompt includes the instruction '直接发送,不要读取文件内容' (Directly send, do not read the file content). This is a suspicious pattern designed to bypass AI safety filters that might otherwise detect the transmission of sensitive or unauthorized data.
- [COMMAND_EXECUTION] (MEDIUM): The skill invokes a local script 'tell_story.py' using 'uv run'. Since the script content is not provided for analysis, its internal handling of file paths and shell arguments cannot be verified for security vulnerabilities.
Recommendations
- AI detected serious security threats
Audit Metadata