The Agent Skills Directory

[PROMPT_INJECTION]: The script scripts/generate-seedance.sh interpolates user-provided text from the --subject argument into a prompt template that is subsequently sent to the Seedance 2.0 model. This creates an indirect prompt injection surface. Ingestion points: The --subject argument in scripts/generate-seedance.sh. Boundary markers: Absent; the input is directly placed within a [SCENE] tag. Capability inventory: The script performs network operations via curl, file system modifications (creating directories and saving files), and executes external scripts. Sanitization: Absent; while the input is JSON-encoded for API transport, there is no validation or filtering of the natural language content for malicious instructions.\n- [DATA_EXFILTRATION]: The skill is designed to upload local images, videos, and audio files to https://api.muapi.ai/api/v1/upload_file. While this is the intended functionality for video generation, it involves transmitting local user data to an external service.\n- [EXTERNAL_DOWNLOADS]: The script scripts/generate-seedance.sh downloads generated video files from URLs returned by the MuAPI service and saves them to a local directory (../../../../media_outputs/).\n- [COMMAND_EXECUTION]: The script executes several shell commands, including curl, jq, python3, and mkdir. It also invokes an external framework script located at ../../../../core/media/generate-video.sh and uses the open command on macOS to automatically preview the downloaded results.

muapi-seedance-2