elevenlabs-agents

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill constructs shell commands by directly interpolating user-provided strings into the CLI (e.g., elevenlabs agents add "Name"). This allows an attacker or a malicious user prompt to execute arbitrary commands by including shell metacharacters like semicolons or backticks in the agent name.
  • [INDIRECT_PROMPT_INJECTION] (HIGH):
    1. Ingestion points: User-provided agent names, descriptions, and webhook URLs.
    2. Boundary markers: None.
    3. Capability inventory: Full execution of the elevenlabs CLI and the ability to write local configuration files.
    4. Sanitization: There are no instructions to sanitize, escape, or validate user-provided input before passing it to the command-line interface.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires a pre-installed external binary (elevenlabs CLI) which is not within the provided list of trusted organizations.
  • [DYNAMIC_EXECUTION] (MEDIUM): The skill dynamically generates a config.json file from user-provided webhook configurations and subsequently executes a CLI command referencing that file path.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:46 AM