Back to skill

Security audit

Elevenlabs Tts

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent ElevenLabs voice-message helper with ordinary cautions around third-party processing, WhatsApp sending, and temporary audio files.

Install only if you are comfortable configuring an ElevenLabs API key and sending the text you synthesize to ElevenLabs, then sending generated audio through WhatsApp. Before use, confirm the recipient and content, use a trusted ffmpeg installation, and keep cleanup commands pointed only at the temporary audio file created for the current task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
93% confidence
Finding
The skill instructs users to copy generated audio into the workspace and then delete it using shell commands, but it does not include safeguards against overwriting existing files or deleting the wrong path. In an agentic setting, reusable examples like `cp ... voice-temp.ogg` and `rm /root/.openclaw/workspace/voice-temp.ogg` can be followed mechanically, creating a risk of workspace file loss or clobbering if paths are changed, reused, or expanded incorrectly.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill requires an ElevenLabs API key and is clearly designed to send user-supplied text to ElevenLabs for synthesis, but it does not prominently warn that message content will be transmitted to a third-party service. This can expose sensitive or regulated text if users assume processing is local or do not realize that prompts, dialogue, and potentially personal content leave their environment.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.