ai-avatar-video

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes untrusted data from multiple sources.
  • Ingestion points: User inputs provided via materialText, materialUrl, and materialFile parameters as defined in SKILL.md and references/form-schema.json.
  • Boundary markers: None identified in the provided instructions or scripts; the agent relies on the backend service for instruction isolation.
  • Capability inventory: The skill is limited to making network POST requests to the vendor's API endpoint (ai-skills.ai/api/execute) via the scripts/run.py script.
  • Sanitization: No client-side sanitization, filtering, or escaping is performed on user-provided content before transmission.
  • [SAFE]: Secret management is implemented correctly. The skill requires AISKILLS_API_KEY to be provided via environment variables, avoiding the risk of hardcoded credentials.
  • [SAFE]: Network activity is restricted to the vendor's infrastructure. The scripts/run.py script communicates exclusively with ai-skills.ai, which is the authoritative domain for the skill provider.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-avatar-video