HeyGen Automation
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns or security vulnerabilities were detected in the skill documentation.
- Indirect Prompt Injection (SAFE): The skill defines an interface for ingesting external data (templates and avatars) and using it to generate video content. While this creates a potential surface for indirect prompt injection, it is a standard feature of the intended service and does not include malicious code. Evidence Chain: 1. Ingestion points: HEYGEN_V2_TEMPLATES and HEYGEN_V2_AVATARS via the Composio bridge. 2. Boundary markers: Absent in the manifest. 3. Capability inventory: Video generation and URL retrieval via HEYGEN_V2_TEMPLATE_GENERATE. 4. Sanitization: Not specified in the skill description.
Audit Metadata