ai-avatar-video

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the belt CLI tool (e.g., belt app run) to interface with AI models. This is the primary intended functionality of the skill.
  • [EXTERNAL_DOWNLOADS]: The skill references installation instructions and documentation hosted on the vendor's official GitHub repository (inference-sh/skills). This is a standard practice for providing up-to-date setup guidance.
  • [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection as it processes user-provided text (e.g., voice_script, text_prompt) to generate video and audio content. Malicious instructions embedded in these fields could influence the agent's behavior if not properly handled by the underlying model.
      • Ingestion points: Untrusted data enters the context via parameters such as voice_script, text, voice_prompt, and video_prompt in SKILL.md.
      • Boundary markers: None identified in the provided instructions.
      • Capability inventory: The skill has the capability to execute Bash commands via the belt CLI.
      • Sanitization: No explicit sanitization or validation of input text is mentioned in the skill definition.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 10:35 AM
Security Audit — agent-trust-hub — ai-avatar-video