Skills
skills/daaab/openclaw-skills/heygen-avatar-lite/Gen Agent Trust Hub

heygen-avatar-lite

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is entirely informational, providing a guide for using the HeyGen API. No malicious scripts, hardcoded credentials, or suspicious network activities were identified.
  • [NO_CODE]: There are no executable files provided with this skill. It consists of a single Markdown file with documentation and CLI command examples.
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified as per Category 8 guidelines. 1. Ingestion points: input_text field in SKILL.md curl examples. 2. Boundary markers: Absent. 3. Capability inventory: Network access to api.heygen.com via curl. 4. Sanitization: None documented. This represents a theoretical surface in documentation and does not constitute a vulnerability in executable code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 01:48 AM