Skills
skills/inference-sh-skills/skills/p-video-avatar/Gen Agent Trust Hub

p-video-avatar

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the belt CLI tool (Bash(belt *)) to interact with the inference.sh platform. This execution is limited to the vendor's specific application runner and is necessary for the skill's primary function.
  • [EXTERNAL_DOWNLOADS]: The documentation points to installation scripts and related skills hosted on official GitHub repositories belonging to the vendor (inference-sh and belt-sh). These are recognized vendor resources and do not escalate the security risk.
  • [PROMPT_INJECTION]: The skill defines parameters such as voice_script, video_prompt, and voice_prompt which interpolate user-supplied text into prompts for the generative model. Additionally, it includes a disable_safety_filter parameter. While these create an interface that could be used for prompt injection against the remote model, they are documented features of the API rather than attempts to bypass the agent's internal safety protocols.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 07:06 PM
Security Audit — agent-trust-hub — p-video-avatar