Skills
skills/skillsh/skills/elevenlabs-stt/Gen Agent Trust Hub

elevenlabs-stt

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references installation instructions for the 'infsh' CLI tool hosted on the vendor's official GitHub repository (inference-sh/skills).
  • [COMMAND_EXECUTION]: The skill utilizes the 'infsh' command-line interface to interact with transcription models. It also suggests the use of 'npx' to install additional related skills from the same vendor repository.
  • [PROMPT_INJECTION]: The skill processes user-provided audio URLs and text for transcription and alignment tasks, which constitutes a potential surface for indirect prompt injection.
  • Ingestion points: Audio URLs and transcript text provided in JSON payloads to the 'infsh' command (SKILL.md).
  • Boundary markers: Inputs are encapsulated within JSON strings passed as CLI arguments.
  • Capability inventory: The skill uses 'Bash(infsh *)' to execute platform-specific commands (SKILL.md).
  • Sanitization: None specified; the skill relies on the 'infsh' tool and the ElevenLabs backend to handle the data safely.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 12:27 PM