elevenlabs-tts

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute the infsh CLI for text-to-speech generation. It passes user-defined text and parameters as JSON payloads to the infsh app run command.
  • [EXTERNAL_DOWNLOADS]: The skill documentation references external installation scripts for the infsh CLI and provides commands to install additional related skills from the inference-sh/skills repository using npx.
  • [PROMPT_INJECTION]: As the skill processes arbitrary user-provided text for speech synthesis, it contains an inherent surface for indirect prompt injection. This is particularly relevant given the suggested video workflow where the output of this skill is used as input for another tool.
      • Ingestion points: The text parameter in the infsh app run command.
      • Boundary markers: None present in the command examples.
      • Capability inventory: Executes the infsh CLI tool for remote processing.
      • Sanitization: No explicit sanitization or filtering of user text is documented within the skill definition.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 19, 2026, 01:18 PM
Security Audit — agent-trust-hub — elevenlabs-tts