ai-provider-elevenlabs
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes official ElevenLabs SDKs (@elevenlabs/elevenlabs-js, @elevenlabs/client) and interacts exclusively with legitimate API endpoints (api.elevenlabs.io).
- [SAFE]: Instructions strictly mandate the use of environment variables for API keys and explicitly warn against hardcoding secrets in version control.
- [SAFE]: The documentation includes patterns for generating signed URLs to facilitate secure browser-side conversational AI sessions without exposing sensitive keys.
- [SAFE]: File system operations are restricted to generating and writing audio output (e.g., output.mp3), which is standard and expected behavior for text-to-speech integration.
- [SAFE]: All provided code samples follow industry-standard patterns for resilience, such as implementing timeouts, retries, and proper stream consumption.
Audit Metadata