Back to skill

Security audit

Announcer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it generates text-to-speech announcements and plays them through configured AirPlay speakers, with ordinary privacy cautions for cloud TTS.

Install only if you are comfortable letting the skill control Airfoil speakers on your Mac and send announcement text for ElevenLabs TTS generation. Avoid announcing secrets or highly sensitive personal information, and review the configured speaker list and exclusions before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Output HandlingUnvalidated Output Injection, Cross-Context Output, Unbounded Output
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill metadata declares runtime requirements and references an API key, external app, and Python script execution, but it does not explicitly declare permissions despite using environment access and shell-like execution capabilities. This can mislead users or security controls about what the skill actually needs, reducing transparency and making risky behavior harder to review.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The usage and workflow describe generating speech with ElevenLabs, but they do not clearly warn that the announcement text itself is transmitted to a third-party cloud service for TTS generation. Because announcements may contain private household messages, schedules, names, or sensitive information, omission of this disclosure creates a privacy risk and can lead to unintentional data exposure.

Unvalidated Output Injection

High
Category
Output Handling
Content
return speakerList
    end tell
    '''
    result = subprocess.run(["osascript", "-e", script], capture_output=True, text=True, timeout=10)
    if result.returncode != 0:
        print("Error: Could not query Airfoil. Is it running?", file=sys.stderr)
        sys.exit(1)
Confidence
82% confidence
Finding
subprocess.run(["osascript", "-e", script], capture_output

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.