Elevenlabs Integration with Openclaw
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using voice cloning can consume quota and create a sensitive voice asset tied to the user's ElevenLabs account.
The skill can upload selected sample files and create a cloned voice in the user's ElevenLabs account. This is disclosed and purpose-aligned, but it is an account-mutating action.
RESPONSE=$(curl -s -X POST "https://api.elevenlabs.io/v1/voices/add" ...); FORM_DATA+=(-F "files=@$sample")
Only allow cloning or voice deletion when explicitly requested, and only use audio samples you have permission to process.
Someone with access to local command history or process information could potentially see the API key if it is passed this way.
The test script allows the ElevenLabs API key to be passed as a command-line argument, which is convenient but can expose secrets in shell history or local process listings.
if [[ -n "${1:-}" ]]; then
export ELEVENLABS_API_KEY="$1"
log_info "Using API key from command line"Prefer setting ELEVENLABS_API_KEY through a protected environment or configuration mechanism, avoid passing it as a command-line argument, and redact logs before sharing.
Audio, video, or text processed by the skill may leave the local machine and be handled by ElevenLabs.
The transcription workflow uploads a user-selected local audio file to ElevenLabs. This external provider data flow is expected for the feature, but audio may contain private speech.
CURL_CMD=(curl -s -X POST "https://api.elevenlabs.io/v1/speech-to-text" ...); FORM_DATA+=(-F "file=@$AUDIO_FILE")
Use the skill only with files you are comfortable sending to ElevenLabs, and review ElevenLabs' privacy, retention, and consent requirements.