Skills
skills/samuraigpt/generative-media-skills/muapi-keyboard-art-maker/Gen Agent Trust Hub

muapi-keyboard-art-maker

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the muapi CLI (specifically muapi image generate and muapi auth configure) and curl to interact with the api.muapi.ai backend. These operations are used to authenticate and submit image generation requests.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it interpolates the user-provided display_text parameter directly into image generation prompts and potentially into shell-based curl commands. 1. Ingestion points: display_text input in SKILL.md. 2. Boundary markers: None; the input is placed directly into the prompt string. 3. Capability inventory: Uses muapi CLI and curl for network operations. 4. Sanitization: No sanitization or validation of the display_text input is specified in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:05 PM
Security Audit — agent-trust-hub — muapi-keyboard-art-maker