audio-gen

clawhub:audio-gen

View source

84/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

84/100

MEDIUM 2

Findings (2)

MEDIUM

Section claims authority and urgency with dangerous instructions NLP_AUTHORITY_CLAIM

prompt-injection L182

Section claims authority and urgency with dangerous instructions

IMPORTANT: The ELEVENLABS_API_KEY environment variable is already configured in the system. Simply invoke the TTS script directly.

FIX

Remove false authority claims (e.g., claiming administrator or root-level access) from tool descriptions. Tool descriptions should describe capabilities, not claim elevated roles.

FP?

Likely FP if the matched text is documentation explaining role-based access control concepts or describing user personas, not impersonating a system role.

MEDIUM

Conversation history poisoning PROMPT_INJECTION_007

prompt-injection L414

Detects fake conversation history injection

User: Yes

FIX

Remove social engineering language that attempts to manipulate the agent through urgency, emotional appeals, or authority claims.

FP?

Likely FP if the matched text is part of a legitimate skill description that uses urgency language for user-facing features (e.g., an incident response tool).