Skills
skills/infsh-skills/skills/p-video-avatar/Gen Agent Trust Hub

p-video-avatar

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the 'belt' CLI tool, which is the official command-line interface for the inference.sh platform, to manage authentication and execute video generation tasks.
  • [EXTERNAL_DOWNLOADS]: The documentation references installation instructions for the 'belt' CLI tool hosted on the vendor's GitHub repository (inference-sh/skills).
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by accepting user-provided text for 'voice_script', 'video_prompt', and 'voice_prompt' parameters which are then processed by the underlying generative model.
  • Ingestion points: Input parameters for the 'belt' CLI command in SKILL.md.
  • Boundary markers: Inputs are encapsulated within a JSON string for the '--input' argument.
  • Capability inventory: Executes shell commands via the 'belt' tool to interact with remote APIs.
  • Sanitization: No explicit input sanitization or validation is described within the instruction set.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 01:48 PM