elevenlabs
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the official `elevenlabs` library for both Python and Node.js environments. These are standard dependencies for the intended service integration.
- [COMMAND_EXECUTION]: The skill's instructions and examples include system setup tasks such as package installation (`pip install elevenlabs`, `npm install elevenlabs`) and project configuration. These are expected behaviors for a setup-oriented skill.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by processing user-provided text and audio for synthesis and conversational AI.
  - Ingestion points: User-provided text in `client.text_to_speech.convert` and audio chunks in `ConversationalAI.process_audio` (SKILL.md).
  - Boundary markers: Not present in the provided templates.
  - Capability inventory: File system writing (`open`), network operations (ElevenLabs API), and shell command execution (installation steps).
  - Sanitization: The examples rely on the official SDK and do not include additional input sanitization.
Audit Metadata