p-video-avatar

Warn

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: MEDIUM (PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION]: The parameters documentation includes a 'disable_safety_filter' option which is set to 'true' by default, representing an explicit safety bypass instruction.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of untrusted data in multiple parameters.
      • Ingestion points: Input parameters 'voice_script', 'video_prompt', and 'voice_prompt' in SKILL.md.
      • Boundary markers: Absent; user or external text is interpolated directly into the CLI command without delimiters.
      • Capability inventory: Shell command execution via the 'belt' CLI tool to generate remote content.
      • Sanitization: Absent; no escaping or validation is performed on the input strings before they are passed to the subprocess.
  • [EXTERNAL_DOWNLOADS]: The skill directs users to download and install a CLI tool from a remote repository and references installation scripts hosted on GitHub (inference-sh/skills).
  • [COMMAND_EXECUTION]: The skill's primary function is the execution of 'belt' shell commands to interact with the Pruna model API.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Jun 22, 2026, 04:47 PM
Security Audit — agent-trust-hub — p-video-avatar