muapi-multi-angle-shots

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE; flagged categories: PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it takes untrusted user input (e.g., product_name, background_style) and embeds it directly into prompts for image generation models.
      • Ingestion points: Input variables defined in the SKILL.md frontmatter (product_name, background_style, lighting, category).
      • Boundary markers: None present to distinguish user input from instructions within the generated prompts.
      • Capability inventory: Use of muapi image generate and curl network operations to external services.
      • Sanitization: No validation or escaping of the user-provided text is performed before interpolation.
  • [DATA_EXFILTRATION]: The instructions direct the agent to transmit a sensitive API key to an external endpoint (api.muapi.ai) using curl if the primary CLI tool is unavailable.
  • [COMMAND_EXECUTION]: The skill relies on executing shell commands, specifically the muapi CLI tool for image generation and task management, and curl for fallback API interactions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 19, 2026, 02:05 PM