voice-generation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION)
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The scripts elevenlabs.py and openai_tts.py contain a load_env function that automatically scans for and reads .env files in ~/.config/skills/.env and ~/.env to load API keys into the environment.
  • [DATA_EXFILTRATION] (HIGH): The --file argument in both scripts enables reading any file on the filesystem and sending its content to external API endpoints (api.elevenlabs.io and api.openai.com). This provides a direct mechanism for exfiltrating sensitive files like SSH keys if the agent is directed to process them.
  • [PROMPT_INJECTION] (MEDIUM): The skill has a significant indirect prompt injection surface, as it ingests untrusted text or file content for external processing without sanitization or boundary markers. Evidence Chain:
    1. Ingestion: --text and --file CLI arguments in elevenlabs.py and openai_tts.py.
    2. Boundaries: None.
    3. Capabilities: File-read (open), Network POST (urlopen), and File-write (open).
    4. Sanitization: None.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 04:35 AM