mulerouter
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Findings: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Accesses local files for image and video generation tasks. Evidence: The skill reads local file paths provided via parameters like --image in core/image.py. Sanitization: It implements a validate_image_path function that resolves paths to prevent traversal, enforces a whitelist of image extensions (e.g., .png, .jpg), and explicitly blocks access to .env files, sensitive system directories (/etc, /proc, /sys, /dev), and user configuration folders (.ssh, .aws, .gnupg).
- [PROMPT_INJECTION]: Exposes an indirect prompt-injection surface via untrusted inputs. Ingestion points: Processes user-provided text prompts and local images in model scripts such as models/alibaba/wan2.6-t2v/generation.py. Boundary markers: No explicit markers found to delimit user input from instructions. Capability inventory: Performs network POST requests to vendor APIs (api.mulerouter.ai or api.mulerun.com) and reads local files. Sanitization: Implements extension and path validation for local files; this constrains which files are read but does not separate prompt text from instructions, so the marker gap above remains.
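The path checks described under DATA_EXFILTRATION, reconstructed as an added example. This is not the skill's own core/image.py; it assumes the function name validate_image_path from the audit, an extension list extended beyond the .png and .jpg the audit names, and an optional base_dir confinement that the audit does not mention. Blocked user config folders are matched as any path component, which is stricter than blocking only the folders under the home directory. Sample inputs in the __main__ block are constructed and are never opened.

```python
from __future__ import annotations

from pathlib import Path

# Extension whitelist: the audit names .png and .jpg; the rest are assumed.
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".webp", ".gif"}
# System directories the audit says are blocked outright.
BLOCKED_SYSTEM_DIRS = tuple(Path(d) for d in ("/etc", "/proc", "/sys", "/dev"))
# User configuration folders the audit says are blocked; matched as any
# path component, which is stricter than blocking only ~/.ssh and friends.
BLOCKED_DIR_NAMES = {".ssh", ".aws", ".gnupg"}


class ImagePathError(ValueError):
    """Raised when a user-supplied image path fails validation."""


def validate_image_path(raw: str, base_dir: str | None = None) -> Path:
    """Return the resolved path if it is an acceptable image input, else raise.

    Every check runs on the *resolved* path, so '..' segments and symlinks
    cannot smuggle the request out of the allowed space.
    """
    resolved = Path(raw).expanduser().resolve()

    # Optional confinement to a base directory (an assumption beyond the
    # audit text; useful when the skill only reads from a known folder).
    if base_dir is not None:
        base = Path(base_dir).expanduser().resolve()
        if resolved != base and base not in resolved.parents:
            raise ImagePathError(f"path escapes base directory: {raw}")

    # Block .env and .env.* (e.g. .env.local) wherever they sit.
    if resolved.name == ".env" or resolved.name.startswith(".env."):
        raise ImagePathError(f"refusing to read environment file: {raw}")

    for sys_dir in BLOCKED_SYSTEM_DIRS:
        if resolved == sys_dir or sys_dir in resolved.parents:
            raise ImagePathError(f"path inside blocked system directory: {raw}")

    if BLOCKED_DIR_NAMES.intersection(resolved.parts):
        raise ImagePathError(f"path inside blocked user config folder: {raw}")

    if resolved.suffix.lower() not in ALLOWED_EXTENSIONS:
        raise ImagePathError(f"extension not allowed: {resolved.suffix or '(none)'}")

    return resolved


def is_safe_image_path(raw: str, base_dir: str | None = None) -> bool:
    """Boolean wrapper around validate_image_path for callers that only gate."""
    try:
        validate_image_path(raw, base_dir)
    except ImagePathError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample inputs; existence is not checked and nothing is read.
    for candidate in ("./photo.png", "/etc/passwd", "../../.ssh/id_rsa.png", "/tmp/.env"):
        verdict = "ok" if is_safe_image_path(candidate) else "rejected"
        print(f"{candidate!r:32} -> {verdict}")
```

Resolving before checking is what makes the traversal defence hold: a request such as /usr/../etc/passwd.png never reaches the directory test as a relative trick, it arrives as /etc/passwd.png and is rejected on that basis. The extension test is deliberately last, so a .png suffix on a file under /proc or inside .ssh still fails.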
Audit Metadata