Back to skill

Security audit

Workflow

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent muapi workflow helper, but it tells agents to repeatedly install an external local CLI and exposes workflow mutation actions without enough safeguards.

Install only if you trust the muapi CLI source being installed, and do not let an agent run the repeated pip install step automatically. Require explicit confirmation before creating, editing, renaming, deleting, executing workflows, downloading outputs, or using webhook URLs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill description is broad enough to match many ordinary user requests about building or running AI media workflows, which can cause the skill to activate outside narrowly intended scenarios. Overly permissive activation increases the chance an agent will invoke powerful generation, execution, or file-writing actions without sufficient user confirmation or scope checks.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The plain-language invocation guidance encourages use from vague requests without defining safe trigger boundaries. In a skill that can execute workflows, download outputs, and modify or delete workflows, ambiguous activation can lead to unintended actions being surfaced or attempted for routine creative requests.

Missing User Warnings

Low
Confidence
86% confidence
Finding
The documentation instructs the agent to use a download flag that writes files locally, but it does not warn about local filesystem effects or require user consent for the destination path. This can cause unexpected disk writes, overwriting of existing files, or storage of sensitive generated content on the local machine.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill documents a destructive delete command without any warning, confirmation requirement, or recovery guidance. In an agent context, presenting or following this guidance can normalize irreversible deletion of user workflows and increase the risk of accidental data loss.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.