Skills
skills/inferen-sh/skills/elevenlabs-tts/Gen Agent Trust Hub

elevenlabs-tts

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides links to installation instructions for the belt CLI tool from the developer's public GitHub repository.
  • [COMMAND_EXECUTION]: The skill uses the belt CLI to interact with the ElevenLabs synthesis engine via the inference.sh platform.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes user-provided text for audio generation.
  • Ingestion points: User-supplied text strings passed to the text parameter in the belt app run command in SKILL.md.
  • Boundary markers: External data is contained within a structured JSON object passed as a command argument.
  • Capability inventory: Execution of subprocess commands via the belt CLI tool as described in SKILL.md.
  • Sanitization: No explicit sanitization or filtering of user text is documented within the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 07:13 PM
Security Audit — agent-trust-hub — elevenlabs-tts