elevenlabs-sound-effects
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute 'belt' CLI commands. It correctly implements least privilege by restricting the tool's scope to only the 'belt' binary in the YAML frontmatter configuration.
- [EXTERNAL_DOWNLOADS]: The instructions reference the installation of the 'belt-sh/cli' package and link to installation documentation hosted on the 'inference-sh' GitHub repository. These sources are consistent with the skill's primary vendor and purpose.
- [PROMPT_INJECTION]: The skill processes user-supplied text for sound generation, which is interpolated into shell commands executed via the CLI. This constitutes an indirect prompt injection surface. Ingestion points: User-provided 'text' parameter. Boundary markers: None. Capability inventory: Bash tool access restricted to the 'belt' binary. Sanitization: No specific input sanitization is documented in the provided instructions.
Audit Metadata