Miranda SAG (ElevenLabs TTS say-UX)

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward ElevenLabs text-to-speech helper with expected API-key, external-service, and temporary audio-file behavior.

Install only if you trust the sag Homebrew formula and ElevenLabs' handling of submitted text. Use a revocable ElevenLabs API key, monitor usage, avoid sending secrets or confidential content for speech generation, and delete generated /tmp audio files when they contain sensitive material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (89% confidence)
Finding
The skill requires an API key for ElevenLabs and encourages sending arbitrary text to the service, but it does not warn that prompts and generated content are transmitted to a third-party provider. In an agent setting, users may assume local processing and accidentally send sensitive text, credentials, or private data to an external API without informed consent.

Missing User Warnings

Low (72% confidence)
Finding
The example writes audio output to /tmp/voice-reply.mp3 without warning about local filesystem side effects. While this is normal CLI behavior, in an automated agent workflow it can create artifacts containing sensitive spoken content that persist locally and may be accessible to other processes or users on the system.

VirusTotal

65/65 vendors flagged this skill as clean.
