Elevenlabs Integration with Openclaw
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: clawvox Version: 1.0.0 The OpenClaw AgentSkills skill bundle for ElevenLabs Voice Studio appears benign. All scripts (`clone.sh`, `dub.sh`, `isolate.sh`, `sfx.sh`, `speak.sh`, `transcribe.sh`, `voices.sh`) use `curl` to interact exclusively with the `https://api.elevenlabs.io` endpoint, which is the stated purpose of the skill. The `ELEVENLABS_API_KEY` is used solely for authenticating these API calls. File operations (reading audio, writing audio/text) are confined to the skill's stated functionality, and there is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts in `SKILL.md` or `README.md` that would deviate from the skill's purpose. The `common.sh` script provides robust error handling and input validation, and the `SKILL.md` even recommends running the skill in a sandbox environment, indicating security awareness.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using voice cloning can consume quota and create a sensitive voice asset tied to the user's ElevenLabs account.
The skill can upload selected sample files and create a cloned voice in the user's ElevenLabs account. This is disclosed and purpose-aligned, but it is an account-mutating action.
RESPONSE=$(curl -s -X POST "https://api.elevenlabs.io/v1/voices/add" ...); FORM_DATA+=(-F "files=@$sample")
Only allow cloning or voice deletion when explicitly requested, and only use audio samples you have permission to process.
Someone with access to local command history or process information could potentially see the API key if it is passed this way.
The test script allows the ElevenLabs API key to be passed as a command-line argument, which is convenient but can expose secrets in shell history or local process listings.
if [[ -n "${1:-}" ]]; then
export ELEVENLABS_API_KEY="$1"
log_info "Using API key from command line"Prefer setting ELEVENLABS_API_KEY through a protected environment or configuration mechanism, avoid passing it as a command-line argument, and redact logs before sharing.
Audio, video, or text processed by the skill may leave the local machine and be handled by ElevenLabs.
The transcription workflow uploads a user-selected local audio file to ElevenLabs. This external provider data flow is expected for the feature, but audio may contain private speech.
CURL_CMD=(curl -s -X POST "https://api.elevenlabs.io/v1/speech-to-text" ...); FORM_DATA+=(-F "file=@$AUDIO_FILE")
Use the skill only with files you are comfortable sending to ElevenLabs, and review ElevenLabs' privacy, retention, and consent requirements.