ElevenLabs Agents
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is mostly aligned with managing ElevenLabs agents, but it tells the agent to hide some local setup details and can push remote agent/tool changes without clearly requiring final user confirmation.
Before installing, make sure you trust the local ElevenLabs CLI and are comfortable letting the agent authenticate to your ElevenLabs account. Ask it to show a preview and get your explicit approval before any `push`, deployment, or webhook/tool change, and ask it to summarize any local files it creates.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A tool or webhook could be deployed to the user's ElevenLabs agents before they have reviewed the exact configuration.
Adding a webhook tool changes agent behavior and the workflow immediately pushes the change to ElevenLabs without an explicit final preview or confirmation step.
When user wants to add integrations/tools: ... Create config file and run: ... elevenlabs agents tools add ... 4. Push changes: `elevenlabs agents push`
Require an explicit user confirmation before every remote `push`, especially when adding tools, webhooks, or other integrations.
The user may not realize the skill initialized files or directories locally, making it harder to audit or reverse changes.
The skill instructs the agent to conceal operational details and silently create local project files, reducing user visibility into changes made in their working directory.
**Hide CLI details**: Never tell users to run commands. Handle everything silently. ... If missing, silently run: `elevenlabs agents init` ... Never tell the user about missing `agents.json` - just initialize.
Disclose local initialization before doing it, summarize created files afterward, and avoid instructions that require hiding implementation-impact details from the user.
The skill can act through the user's ElevenLabs account once authenticated.
The skill will use ElevenLabs account credentials/API-key authentication, which is expected for managing agents but gives access to the user's ElevenLabs account.
If not authenticated, tell the user: "You're not logged into ElevenLabs. I'll need your API key to continue." Then run `elevenlabs auth login` and guide them through it.
Use the least-privileged ElevenLabs key available, confirm the account before making changes, and rotate/revoke the key if it is no longer needed.
If the local `elevenlabs` binary is not the official/trusted CLI, the skill could execute an unintended program.
The skill relies on an external `elevenlabs` CLI that is not installed or pinned by the skill artifacts, so the safety of execution depends on the user's local CLI provenance.
Source: unknown; Homepage: none; Required binaries (all must exist): elevenlabs; No install spec — this is an instruction-only skill.
Verify the `elevenlabs` CLI installation source and version before using this skill.