moai-baas-neon-ext
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides documentation and code templates for enterprise database management. No malicious patterns, obfuscation, or unauthorized data access were detected.
- [EXTERNAL_DOWNLOADS]: The skill fetches the latest documentation for Neon and PostgreSQL via the Context7 MCP. This is a legitimate functional requirement to provide up-to-date technical advice.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool for administrative tasks such as branch management via the Neon CLI, which is consistent with its intended enterprise use case.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface through its automated documentation retrieval logic.
- Ingestion points: Documentation is ingested via the mcp__context7__get-library-docs tool in the NeonArchitectOptimizer class.
- Boundary markers: No explicit delimiters or 'ignore' instructions are present in the pseudo-code templates to isolate external content.
- Capability inventory: The skill has access to Bash, Write, and Edit tools.
- Sanitization: The provided logic does not describe specific filtering or sanitization of the fetched documentation before processing.
Audit Metadata