speech-engine

Integrates real-time voice conversations into custom agents using ElevenLabs Speech Engine for enhanced user interaction.

Install this skill

65/100

Security score

The speech-engine skill was audited on Jun 8, 2026 and we found 7 security issues across 2 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

low line 159

Fetch to external URL

SourceSKILL.md

159	const { token } = await fetch("/api/token").then((res) => res.json());

high line 45

Ngrok tunnel reference

SourceSKILL.md

45	2. Expose your Speech Engine server through a public HTTPS URL for local development, for example with `ngrok http 3001`.

high line 97

Ngrok tunnel reference

SourceSKILL.md

97	`PUBLIC_WS_URL` should look like `wss://example.ngrok.app/ws` locally or your production WebSocket route in deployment.

low line 85

Access to .env file

SourceSKILL.md

85	apiKey: process.env.ELEVENLABS_API_KEY,

low line 90

Access to .env file

SourceSKILL.md

90	speechEngine: { wsUrl: process.env.PUBLIC_WS_URL! },

low line 115

Access to .env file

SourceSKILL.md

115	const engine = await elevenlabs.speechEngine.get(process.env.ELEVENLABS_SPEECH_ENGINE_ID!);

low line 139

Access to .env file

SourceSKILL.md

139	agentId: process.env.ELEVENLABS_SPEECH_ENGINE_ID!,

Scanned on Jun 8, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

openclaw api backend ml-ai-engineer backend-developer product-manager development product

mashharuki/AWS-SummitHackathon-2026