Skills
NYC
skills/ovachiever/droid-tings/elevenlabs-agents/Socket

elevenlabs-agents

Fail

Audited by Socket on Feb 15, 2026

1 alert found:

Malware
MalwareHIGH
SKILL.md

BENIGN TREND WITH HIGH IMPLEMENTATION RISK: The fragment itself shows no malware or covert behavior. It is a comprehensive developer guide with credential-related patterns that, if implemented securely, pose no inherent risk. However, its breadth of credential usage, signed URL flows, webhook handling, and CSP/worklet configurations create ample opportunity for misconfiguration in real-world deployments. Emphasize secure secret management, rotation, server-mediated credential delivery, strict CSP, and proper validation of webhooks to mitigate risk.

Confidence: 98%Severity: 55%
Audit Metadata
Analyzed At
Feb 15, 2026, 08:55 PM
Package URL
pkg:socket/skills-sh/ovachiever%2Fdroid-tings%2Felevenlabs-agents%2F@25c3e944d9a59bd8540ba1ad4d0fce2ca4448c03