talking-head-production

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references installation instructions hosted on the author's official GitHub repository (https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md).
  • [COMMAND_EXECUTION]: The skill instructions utilize the belt CLI tool (via Bash tool permissions) to execute remote AI model tasks, which is the intended purpose of the skill.
  • [DATA_EXFILTRATION]: The skill requires passing external URLs for images and audio to remote processing endpoints through the belt tool. This is a standard functional requirement for cloud-based media generation.
  • [PROMPT_INJECTION]: As an AI production skill, it possesses an indirect prompt injection surface because it processes untrusted user-provided content (like voice scripts or external media descriptions) and feeds it into AI model prompts.
    • Ingestion points: voice_script, voice_prompt, and video_prompt fields within the belt app run commands (SKILL.md).
    • Boundary markers: The skill uses structured JSON objects to separate instructions from data, which provides a basic level of segmentation.
    • Capability inventory: The skill uses Bash(belt *) to interact with remote services.
    • Sanitization: There is no explicit sanitization or filtering of the script content demonstrated in the skill instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 11:46 PM