Skills
skills/heygen-com/liveavatar-agent-skills/liveavatar-feedback/Gen Agent Trust Hub

liveavatar-feedback

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits conversation summaries and user feedback to 'api.liveavatar.com'. This domain represents the vendor's own infrastructure for the LiveAvatar product. The risk is mitigated by a mandatory consent mechanism where the user must explicitly approve the transmission after reviewing the compiled data.
  • [COMMAND_EXECUTION]: The skill uses 'curl' to interact with the feedback API. The command is a predefined template for sending JSON data and does not facilitate arbitrary code execution.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface in 'SKILL.md'.\n
  • Ingestion points: User-provided freeform text in the 'additional_feedback' field.\n
  • Boundary markers: The agent provides a prose summary for user review, but no technical delimiters or JSON escaping are used in the actual 'curl' payload construction.\n
  • Capability inventory: Network POST requests via 'curl'.\n
  • Sanitization: None; the instructions specify using the user's exact words verbatim. This could allow a malicious user to craft input that escapes the JSON string and manipulates the structure of the API request.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 02:49 AM