ai-avatar-video
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill refers users to an installation script for the infsh CLI hosted on the inference-sh GitHub repository. This is consistent with the skill's stated purpose as an interface for the inference.sh platform.
- [INDIRECT_PROMPT_INJECTION]: The workflow for dubbing videos involves transcribing external audio/video files using the fast-whisper model. If the resulting transcript is subsequently used as input for an LLM without sanitization, it could potentially introduce malicious instructions from the original video content.
- Ingestion points: Audio and video files provided via URLs to the whisper model (SKILL.md)
- Boundary markers: None specified in the CLI commands provided
- Capability inventory: Uses infsh CLI to run remote AI models for transcription, TTS, and video generation
- Sanitization: No explicit sanitization of transcribed text is mentioned before being passed to other tools or LLMs
Audit Metadata