elevenlabs-tts
Warn
Audited by Socket on Jul 7, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS. The stated TTS purpose is plausible, but the implementation relies on a third-party CLI/service layer, mixed publisher identities, credential forwarding through `belt login`, and explicit transitive skill installation. This is more expansive than a normal direct ElevenLabs integration and weakens install trust and data-flow integrity.
Confidence: 84%Severity: 78%
Audit Metadata