elevenlabs-dialogue
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied text to generate dialogue, which creates an indirect prompt injection surface.
- Ingestion points: Text segments within the
--inputJSON parameter inSKILL.md. - Boundary markers: Absent; input is placed directly within JSON strings.
- Capability inventory: Execution of
beltCLI commands via theBashtool inSKILL.md. - Sanitization: No input validation or escaping mechanisms are described in the instructions.
- [COMMAND_EXECUTION]: The skill uses the
beltCLI tool to perform audio synthesis and manage user sessions. Commands includebelt loginandbelt app run, which are scoped to the intended functionality of interacting with the ElevenLabs dialogue generation service. - [EXTERNAL_DOWNLOADS]: The skill references installation guides and images hosted on the
inference.shofficial domain and GitHub repositories. These external resources are required for setting up the necessary CLI environment.
Audit Metadata