Skills
skills/samuraigpt/generative-media-skills/muapi-seedance-2/Gen Agent Trust Hub

muapi-seedance-2

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The scripts/generate-seedance.sh script includes an upload_file function that sends local image files to https://api.muapi.ai/api/v1/upload_file for processing. This behavior is required for the Image-to-Video functionality of the skill.
  • [EXTERNAL_DOWNLOADS]: The skill downloads generated video files from URLs provided by the MuAPI backend and saves them locally in a media output directory.
  • [COMMAND_EXECUTION]: The script executes a core video generation script at a relative path and uses the macOS open utility to display files when the --view flag is used.
  • [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection by interpolating user-provided scene descriptions into cinematic templates. Ingestion points: The --subject and --file arguments in scripts/generate-seedance.sh. Boundary markers: None present. Capability inventory: Subprocess execution, network requests via curl, and file system access. Sanitization: Prompt strings are JSON-encoded using Python for API payloads.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 09:57 PM