Sag

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward ElevenLabs text-to-speech helper with disclosed credential and CLI requirements, though users should treat generated text as being sent to ElevenLabs.

Before installing, verify that you trust the Homebrew tap and the sag CLI it installs. Use a revocable ElevenLabs API key, monitor usage or billing, and avoid sending secrets or confidential text unless ElevenLabs processing and retention terms are acceptable to you.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs users to supply an ElevenLabs API key and use cloud TTS functionality, but it does not clearly disclose that submitted text and authentication credentials are used to interact with a third-party service. This can cause users to unknowingly send sensitive prompts or content off-device, which is a real privacy and data-handling risk in an agent skill context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal