tavus-cvi-persona
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Category 2: Data Exposure & Exfiltration] (SAFE): The skill contains example curl commands for the Tavus API and placeholders for API keys. These are standard documentation practices and do not involve unauthorized data access or exfiltration.
- [Category 4: Unverifiable Dependencies & Remote Code Execution] (SAFE): No package installations or remote script executions are present in the skill.
- [Category 8: Indirect Prompt Injection] (LOW): The skill defines a configuration schema for AI personas that accepts natural language inputs. (1) Ingestion points: The 'system_prompt' and 'context' fields in the JSON configuration. (2) Boundary markers: None provided in the examples. (3) Capability inventory: Personas support tool calling (get_weather) and voice synthesis. (4) Sanitization: Not applicable to this documentation file.
Audit Metadata