moai-baas-railway-ext

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface detected.
      • Ingestion points: The skill utilizes the mcp__context7__get-library-docs tool within the RailwayArchitectOptimizer class (SKILL.md) to fetch documentation from external library IDs.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potentially malicious instructions embedded within the retrieved content.
      • Capability inventory: The skill has access to high-privilege tools including Bash, Write, and Edit, which could be targeted by instructions in the external data.
      • Sanitization: No evidence of validation or sanitization of the external content is present before processing by the agent.
  • [EXTERNAL_DOWNLOADS]: The skill configuration includes instructions to download and install the @railway/cli package from the official npm registry during CI/CD workflows. This is a standard operation for the Railway service and is considered safe.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:06 AM