chanjing-avatar
Fail
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill includes hardcoded API credentials in the SKILL.md file. Specifically, an app_id ("84042cb5") and a secret_key ("10cd5091fe6042dfb91ba01816a991e0") are provided in the documentation for obtaining an access token. Exposing secrets in plain text allows unauthorized access to the vendor's API.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted user text through the tts_config.text parameter, which is then sent to an external API (https://open-api.chanjing.cc/open/v1/video_lip_sync/create) for video generation.
  - Ingestion points: User-provided text in the tts_config.text field.
  - Boundary markers: Absent.
  - Capability inventory: Network POST requests to the Chanjing Avatar API.
  - Sanitization: No sanitization or validation of the input text is mentioned.
Recommendations
- AI detected serious security threats