Dlazy Elevenlabs Voice Clone

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed wrapper for a voice-cloning SaaS CLI, but its documentation needs privacy warnings and corrected examples before users rely on it blindly.

Before installing, understand that voice samples and parameters may be uploaded to dLazy/ElevenLabs-related services and that a dLazy API key may be stored locally. Only upload audio you own or are authorized to use, avoid deceptive impersonation, review the @dlazy/cli package/source if using @latest, and verify the real CLI help because the skill's examples and output schema appear partly copied from an image/prompt workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The documented output schema and error examples appear copied from unrelated image/prompt workflows, which is unsafe for a voice-cloning skill because users and agents may provide incorrect parameters, mishandle outputs, or misunderstand what data is being uploaded and returned. In a sensitive workflow involving biometric voice data, inaccurate interface documentation increases the chance of accidental disclosure, misuse, or unsafe automation decisions.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The example uses '--prompt' even though the documented options list only '--audio_url', '--name', and '--description', creating a direct contradiction that can cause agents to invoke the command incorrectly. For an automated agent skill, bad examples are operationally dangerous because they can trigger failed runs, unexpected fallback behavior, or submission of the wrong user data to a remote API.

Natural-Language Policy Violations

Medium
Confidence: 91%
Finding
The skill includes an 'agent critical instruction' that mandates specific response behavior, effectively steering the agent's output regardless of the user's language preference or higher-level orchestration policy. In an agent ecosystem, this is a prompt-scope violation: skill content should not override conversational or platform-level controls, and such embedded directives can normalize instruction injection patterns that may be abused more broadly.

Missing User Warnings

Medium
Confidence: 91%
Finding
Voice samples are sensitive biometric and identity-linked data, yet the skill does not clearly warn users about consent, impersonation risk, or the privacy implications of uploading audio to third-party services. In the context of instant voice cloning, omission of these warnings materially increases the risk of non-consensual cloning, privacy violations, and social-engineering abuse.

VirusTotal

64/64 vendors flagged this skill as clean.
