elevenlabs-dialogue
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references an external installation guide hosted on GitHub at https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md and suggests adding functionality via npx com m ands targeting the inference-sh/skills repository.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run the infsh CLI for user authentication (infsh login) and for executing audio generation applications (infsh app run).
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating user-provide d dialogue text directly into CLI com m and arguments. Ingestion points: The 'segments' array in the JSON input for infsh app run elevenlabs/text-to-dialogue (SKIL L.md). Boundary markers: No explicit delimiters or inst ruction s are present to separate user content from the com m and st ructure. Capability inventory: The skill requires the Bash tool with permission to run infsh com m ands (SKIL L.md). Sanitization: The skill does not include steps to validate or sanitize the input text segments.
Audit Metadata