Skills
skills/samuraigpt/generative-media-skills/muapi-music-video/Gen Agent Trust Hub

muapi-music-video

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill performs template interpolation by inserting user-provided text (theme, visual_style, music_style) into prompts for image, audio, and video generation commands. This creates an indirect prompt injection surface where a user could provide instructions to bypass intended content constraints.
  • Ingestion points: The theme, music_style, and visual_style input fields in SKILL.md are processed by the agent.
  • Boundary markers: No explicit delimiters or boundary markers (like XML tags or markdown blocks) are used to isolate user input within the command strings.
  • Capability inventory: The skill uses muapi CLI and curl to interact with external generation APIs.
  • Sanitization: There is no instruction for the agent to sanitize, escape, or validate the user-supplied strings before interpolating them into the final prompt.
  • [COMMAND_EXECUTION]: The skill provides instructions to execute shell commands using the muapi CLI and curl. These commands are used to interact with the service at https://api.muapi.ai, which is consistent with the skill's stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:04 PM
Security Audit — agent-trust-hub — muapi-music-video