muapi-interior-design

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Vulnerability to indirect prompt injection due to the handling of external data.
  • Ingestion points: User-provided inputs such as room_type, design_style, and color_palette are ingested in SKILL.md.
  • Boundary markers: The skill lacks delimiters or explicit instructions for the agent to treat user input as untrusted data or to ignore embedded instructions.
  • Capability inventory: The agent is authorized to execute muapi CLI tools and curl commands to interact with remote endpoints (SKILL.md).
  • Sanitization: There are no instructions for sanitizing or escaping the user inputs before they are interpolated into the final prompt or command strings.
  • [COMMAND_EXECUTION]: The skill instructs the agent to construct and execute shell commands using muapi and curl for API interaction. This pattern relies on the agent's ability to safely handle shell metacharacters in user-supplied variables, which is a potential risk factor in the absence of explicit sanitization logic.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 02:04 PM
Security Audit — agent-trust-hub — muapi-interior-design