muapi-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing the muapi CLI through several shell scripts (run-workflow.sh, generate-workflow.sh, etc.) to perform operations. The scripts use proper shell quoting and array handling to prevent command injection.
- [EXTERNAL_DOWNLOADS]: The documentation instructs users to install or upgrade the muapi-cli from a local workspace path. It also communicates with the muapi.ai API to fetch workflow definitions and results, which are legitimate operations for this vendor-specific tool.
- [PROMPT_INJECTION]: The skill processes workflow metadata (names and descriptions) retrieved from the remote API. This is an indirect prompt injection surface; however, the skill includes explicit 'CRITICAL RULES' for the agent to avoid guessing inputs and to require user confirmation, which effectively mitigates the risk of autonomous malicious behavior.
Audit Metadata