elevenlabs-agents

skills-sh:jezweb_claude-skills__elevenlabs-agents

View source

75/100

First Seen

Feb 18, 2026

Last Scanned

Feb 20, 2026

Findings

Score

75/100

CRITICAL 1

LOW 1

Findings (2)

CRITICAL

Fake system prompt PROMPT_INJECTION_010

prompt-injection L139

Detects content pretending to be a system prompt

system prompt:

FIX

Remove encoded or obfuscated directives (base64, ROT13, unicode escapes, hex-encoded text). All text should be in plaintext and human-readable.

FP?

Likely FP if the encoded content is legitimate data (e.g., a base64-encoded image, a hex-encoded binary hash) rather than concealed directives.

LOW

Global package installation EXTDL_004

external-download L22

Detects global installation of packages which affects the host system

npm install -g @

FIX

Replace npm install -g with a local install (npm install --save-dev) or use npx with a pinned version. Global installs modify the system and risk supply chain attacks.

FP?

Likely FP if the global install is for a well-known CLI tool (e.g., typescript, eslint) in setup documentation, though the supply chain risk remains real.