muapi-media-editing
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates exclusively with the MuAPI service via api.muapi.ai. This is the intended behavior for the provided functionality and is consistent with the vendor's official API domain.\n- [SAFE]: Sensitive environment variables like MUAPI_KEY are managed via a local .env file. The scripts provide a built-in mechanism to capture and store these credentials locally, following standard configuration practices for CLI-based agent tools.\n- [SAFE]: User-provided prompts are safely processed using Python's json.dumps function to ensure they are correctly escaped before being interpolated into API requests, which prevents structural injection in the JSON payloads.\n- [SAFE]: Media files are uploaded to the vendor's dedicated upload endpoint using standard multipart form data, with no indications of data exfiltration to unauthorized third-party services.
Audit Metadata