voiceover-maker

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to official endpoints for ElevenLabs (api.elevenlabs.io) and MiniMax (api.minimaxi.com) to perform text-to-speech synthesis. These operations are essential to the skill's primary function.
  • [COMMAND_EXECUTION]: The agent executes the local script scripts/tts.py to process text inputs. Analysis of the script confirms it uses only the Python standard library and contains no logic for arbitrary code execution or privilege escalation.
  • [SAFE]: API credentials are handled securely. The skill provides a config.json.template for users to fill locally or allows keys to be passed via environment variables, ensuring that no sensitive secrets are hardcoded in the skill's codebase.
  • [SAFE]: File system operations are restricted and well-documented. The skill writes generated audio to the user's desktop and maintains a local cache and usage log within its own installation directory, posing no risk to sensitive system areas.
  • [SAFE]: The skill employs a zero-dependency architecture, significantly reducing the supply chain risk by avoiding the use of external third-party packages.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 01:47 PM
Security Audit — agent-trust-hub — voiceover-maker