Skills
skills/toolshell/skills/elevenlabs-dubbing/Gen Agent Trust Hub

elevenlabs-dubbing

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires permission to execute the infsh CLI through Bash(infsh *). This enables the agent to utilize the full range of subcommands provided by the Inference.sh platform.
  • [EXTERNAL_DOWNLOADS]: The documentation provides links to remote installation scripts and utilizes npx to download and install additional skills from GitHub (inference-sh/skills).
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: External audio and video files are retrieved via user-supplied URLs in the --input JSON. Boundary markers: The prompt template lacks specific instructions to ignore malicious content or instructions embedded in the external media. Capability inventory: The skill can execute shell commands and perform network operations via the CLI tool. Sanitization: Media content is not validated or sanitized prior to processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 01:18 PM
Security Audit — agent-trust-hub — elevenlabs-dubbing