Skills
skills/inference-sh-skills/skills/ai-avatar-video/Gen Agent Trust Hub

ai-avatar-video

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or security vulnerabilities were detected in the skill instructions or script examples.- [EXTERNAL_DOWNLOADS]: The skill references the installation of the belt CLI tool via npx skills add belt-sh/cli. These references are to official vendor resources.- [COMMAND_EXECUTION]: The skill demonstrates the use of the belt command-line utility to execute AI applications, which is its core functionality.- [PROMPT_INJECTION]: The skill processes user-supplied text for avatar generation, representing a surface for indirect prompt injection.
  • Ingestion points: voice_script and voice_prompt parameters in belt app run commands.
  • Boundary markers: JSON structure is used for input encapsulation.
  • Capability inventory: Execution of the belt CLI tool.
  • Sanitization: Not explicitly present in the skill's instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 01:08 PM
Security Audit — agent-trust-hub — ai-avatar-video