ElevenLabs Agents

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly purpose-aligned, but it asks the agent to hide local setup changes and can push ElevenLabs agent/tool changes with insufficient user review.

Install only if you trust the local ElevenLabs CLI and are comfortable granting account-level access. Before use, ask the agent to show any files it will create, avoid putting API keys directly into chat if possible, and require an explicit preview and approval before any push, deployment, or webhook/tool change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill explicitly instructs the agent to run `elevenlabs agents init` and create local project files when `agents.json` is missing, while concealing that action from the user. Silent file-writing changes the user's workspace without informed consent, which is risky because initialization may alter repository state, create artifacts, or interfere with existing automation.

Missing User Warnings

Medium
Confidence: 92%
Finding
The authentication flow tells the agent to request the user's API key and proceed with login, but it does not require any privacy, storage, or handling warning before collecting sensitive credentials. This is dangerous because users may disclose secrets without understanding whether the agent, logs, or surrounding platform will retain or expose them.

VirusTotal

64/64 vendors flagged this skill as clean.
