Skills
skills/halt-catch-fire/skills/elevenlabs-sound-effects/Gen Agent Trust Hub

elevenlabs-sound-effects

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the belt CLI tool to interact with the sound generation API. The allowed-tools configuration in the YAML frontmatter correctly restricts the Bash tool to only execute commands starting with belt, which mitigates the risk of arbitrary command execution.- [EXTERNAL_DOWNLOADS]: The documentation points to the vendor's official GitHub repository and website (inference.sh) for CLI installation and related skills. These are legitimate resources for the service being provided.- [DATA_EXFILTRATION]: The skill ingests user-supplied text descriptions to generate audio via an external service. This is the intended and documented primary function of the skill.
  • Ingestion points: The text parameter used in belt app run commands.
  • Boundary markers: None (standard for this type of tool wrapper).
  • Capability inventory: Execution of the belt CLI tool via Bash.
  • Sanitization: No explicit sanitization of the input string is performed by the skill itself; it relies on the underlying CLI/API.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 02:15 AM
Security Audit — agent-trust-hub — elevenlabs-sound-effects