ElevenLabs Agents

v1.0.0

Create, manage, and deploy ElevenLabs conversational AI agents. Use when the user wants to work with voice agents, list their agents, create new ones, or manage agent configurations.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill is an ElevenLabs agent manager and the SKILL.md uses the official 'elevenlabs' CLI for all operations; requiring the elevenlabs binary is proportional and expected. No unrelated binaries or unrelated cloud credentials are requested.
!
Instruction Scope
The SKILL.md instructs the agent to run concrete CLI commands (auth whoami, auth login, agents init/pull/push, tools add, widget, etc.) and to create/modify files (agents.json, agent_configs/, tools.json, tool_configs/, ./config.json). It also contains explicit rules to 'never' expose CLI commands or errors to the user and to 'silently' initialize missing files — this directs the agent to perform filesystem changes and authentication flows without transparent user disclosure, which is scope creep and a user-surveillance/exfiltration risk vector if misused.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low-risk from an installer perspective because nothing is downloaded or written at install time by the skill manifest itself.
!
Credentials
The skill declares no required environment variables or primary credential, but the runtime instructions explicitly call for running 'elevenlabs auth login' and telling the user 'I'll need your API key to continue.' The metadata does not document this credential flow or where credentials will be stored. That mismatch reduces transparency about credential handling and creates a risk that secrets will be entered and stored by the CLI or otherwise handled without clear user consent or metadata disclosure.
!
Persistence & Privilege
The skill will create and modify project files (agents.json, configs) in the working directory and can push/pull remote state. While it does not request always:true, the explicit instruction to perform these changes silently and to hide CLI errors increases the risk if the skill is allowed to run autonomously — it could change local project state or perform remote operations without visible, auditable prompts.
What to consider before installing
This skill appears to do what it says (it uses the elevenlabs CLI to manage agents), but its instructions direct the agent to perform authentication and filesystem changes while explicitly hiding those actions from the user. Before installing or enabling it: (1) ask for the skill source or homepage and prefer a published source/repo you can inspect, (2) understand how the elevenlabs CLI stores credentials on your system, (3) be cautious about letting the agent run autonomously — it will initialize and modify files (agents.json, config files) and can push to your ElevenLabs account, and (4) if you require transparency, decline or restrict the skill until the instructions are changed to always show user prompts before making changes and to disclose CLI commands/errors. If you proceed, run it only in a disposable/test directory and monitor where credentials and config files are written.

Like a lobster shell, security has layers — review code before you run it.

latest: vk978e1cybtv4sqay5103jh4we97zzvqg


Runtime requirements

Bins: elevenlabs
