Skills
skills/samuraigpt/generative-media-skills/muapi-talking-baby-video/Gen Agent Trust Hub

muapi-talking-baby-video

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill interpolates untrusted user inputs directly into the prompts used for image and video generation tools.
  • Ingestion points: The baby_description, baby_costume, and dialogue variables in SKILL.md are sourced from user input.
  • Boundary markers: There are no boundary markers or instructions to the model to ignore potential commands within the user-provided text.
  • Capability inventory: The skill has the capability to generate images and videos via the muapi CLI and perform network requests using curl to external endpoints.
  • Sanitization: No sanitization or validation logic is present to filter malicious instructions or escape content within the user inputs.
  • [COMMAND_EXECUTION]: The skill instructions include the use of the muapi CLI and curl for interacting with the MuAPI service. These commands are integral to the skill's intended functionality of generating media.
  • [DATA_EXFILTRATION]: The skill instructions describe using curl to send an API key (MUAPI_API_KEY) to https://api.muapi.ai. This operation targets the vendor's official API endpoint and is required for the skill to function.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 02:04 PM
Security Audit — agent-trust-hub — muapi-talking-baby-video