Elevenlabs

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a legitimate voice-service integration, but it documents deletion actions without clear confirmation safeguards.

Install only if you intend to let the agent manage this voice-service account. Before using delete operations, require the agent to list the target resource, restate its ID/name, and get explicit confirmation; use the least-privileged API key available and keep credentials out of shared project files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 84%
Finding
The skill documents destructive capabilities like deleting voices and history items, but provides no confirmation or safety guidance before invoking them. In an agentic setting, this increases the risk of accidental irreversible actions if the model selects an action based on ambiguous user intent or overbroad task framing.

VirusTotal

64/64 vendors flagged this skill as clean.
