moai-alfred-context-budget
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides bash script examples for managing local memory files (e.g., rotating files in .moai/memory/) using standard utilities like wc and mv.
- [EXTERNAL_DOWNLOADS]: The skill documentation describes configuring MCP servers, which involves downloading Node.js packages such as @playwright/mcp and @sequential-thinking/mcp via npx.
- [REMOTE_CODE_EXECUTION]: The skill promotes the use of MCP servers that execute code locally to perform browser automation and documentation analysis.
- [PROMPT_INJECTION]: The skill's workflow for reading project source code and documentation creates a potential surface for indirect prompt injection.
  - Ingestion points: File reading via Read() and Glob() in SKILL.md and reference.md.
  - Boundary markers: None specified to differentiate between instructions and project data.
  - Capability inventory: The agent possesses Bash execution and file modification capabilities.
  - Sanitization: No content validation or filtering is implemented for ingested files.