ai-avatar-video
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes untrusted data from multiple sources.
- Ingestion points: User inputs provided via
materialText,materialUrl, andmaterialFileparameters as defined inSKILL.mdandreferences/form-schema.json. - Boundary markers: None identified in the provided instructions or scripts; the agent relies on the backend service for instruction isolation.
- Capability inventory: The skill is limited to making network POST requests to the vendor's API endpoint (
ai-skills.ai/api/execute) via thescripts/run.pyscript. - Sanitization: No client-side sanitization, filtering, or escaping is performed on user-provided content before transmission.
- [SAFE]: Secret management is implemented correctly. The skill requires
AISKILLS_API_KEYto be provided via environment variables, avoiding the risk of hardcoded credentials. - [SAFE]: Network activity is restricted to the vendor's infrastructure. The
scripts/run.pyscript communicates exclusively withai-skills.ai, which is the authoritative domain for the skill provider.
Audit Metadata