Skills
skills/gooseworks-ai/goose-skills/ai-video-calls-tavus/Gen Agent Trust Hub

ai-video-calls-tavus

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns detected; behavior aligns with the skill's functional description.
  • [CREDENTIALS_UNSAFE]: Accesses the vendor-specific credential file at ~/.gooseworks/credentials.json. This is standard for the gooseworks-ai platform and does not constitute unauthorized data exposure.
  • [COMMAND_EXECUTION]: Employs curl and python3 for API communication and credential parsing as part of its intended operations.
  • [PROMPT_INJECTION]: Ingests user-supplied parameters for API requests, representing a potential indirect prompt injection surface. Ingestion points: persona_id and conversation_name in SKILL.md. Boundary markers: Absent. Capability inventory: Subprocess execution via curl in SKILL.md. Sanitization: Not explicitly defined.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 01:06 PM