Miranda ElevenLabs Speech (TTS/STT)
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: miranda-elevenlabs-speech Version: 1.0.0 The skill is classified as suspicious due to potential path traversal vulnerabilities in `scripts/elevenlabs_scribe.py` and `scripts/elevenlabs_speech.py`. Both scripts directly use user-provided file paths (`audio_file_path` for reading, `output_path` for writing) without explicit sanitization. While file access is necessary for the skill's functionality, this lack of sanitization could allow an attacker to read or write to arbitrary file system locations if the OpenClaw agent passes unsanitized user input to these arguments. There is no evidence of intentional malicious behavior, data exfiltration beyond the stated purpose, or prompt injection attempts in SKILL.md.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may consume your ElevenLabs quota or credits and acts through your ElevenLabs account.
The skill requires an ElevenLabs API key so the scripts can call ElevenLabs on the user's behalf. This is purpose-aligned, but the registry metadata lists no primary credential or required env var.
Set your API key: export ELEVENLABS_API_KEY="sk_..."
Use a dedicated or limited API key if possible, keep the key out of chat logs, and monitor ElevenLabs usage.
Voice recordings, and separately TTS text, leave the local machine and are processed by ElevenLabs.
The STT workflow uploads the selected local audio file to ElevenLabs for transcription. This is the core purpose of the skill, but it is still a third-party data flow.
with open(audio_file_path, 'rb') as audio_file: ... response = requests.post(url, headers=headers, data=data, files=files, timeout=120)
Only process text or audio you are comfortable sending to ElevenLabs, and review ElevenLabs' privacy, retention, and pricing terms.
It is harder to verify exactly who packaged or maintains this skill.
The bundled metadata uses a different owner/slug than the registry identity supplied for this review. This creates provenance ambiguity but does not show unsafe code execution or hidden behavior.
"ownerId": "kn7fe24yv7zvrbtg5wf3me2cxd80dsyc", "slug": "elevenlabs-voice"
Install only if you trust the registry package, and maintainers should align the registry metadata, bundled metadata, and source/homepage information.