p-video-avatar
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's implementation aligns with its described functionality as a wrapper for the inference.sh platform.
- [COMMAND_EXECUTION]: The skill specifies
allowed-tools: Bash(belt *)in its frontmatter. This is a security best practice that restricts the agent's ability to execute arbitrary shell commands, limiting it to the specific platform CLI tool. - [EXTERNAL_DOWNLOADS]: The skill references documentation and installation resources from the official
inference.shdomain and its GitHub repository (github.com/inference-sh/skills). These are recognized as legitimate service resources. - [INDIRECT_PROMPT_INJECTION]: The skill processes external data including user-provided image/audio URLs and text scripts (e.g.,
voice_script,video_prompt). These inputs are interpolated into shell commands. - Ingestion points: SKILL.md (parameters: image, audio, voice_script, video_prompt, voice_prompt).
- Boundary markers: Data is passed as structured JSON within command arguments.
- Capability inventory: Executes
belt app runvia Bash subprocess calls. - Sanitization: Relies on the underlying platform's CLI and API for input processing and safety filtering.
Audit Metadata