moai-cc-hooks
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill includes scripts such as scripts/pre-bash-check.sh and scripts/validate-bash-command.py, which are explicitly designed to increase security by blocking hazardous shell commands such as recursive deletions of the root directory or unauthorized use of sudo.
- [COMMAND_EXECUTION]: The skill facilitates the execution of bash and python scripts for hook validation and permission maintenance. The documentation in SKILL.md refers to an external hook framework with templates that execute localized scripts.
- [PROMPT_INJECTION]: The skill retrieves documentation from the Context7 MCP service, which introduces an indirect prompt injection surface.
  - Ingestion points: The skill fetches external hook standards and patterns via the mcp__context7__get-library-docs tool in SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious instructions within the ingested documentation.
  - Capability inventory: The agent has access to tools with high system impact, including Bash command execution and file manipulation (Write, Edit).
  - Sanitization: Potential high-risk impacts from ingested content are mitigated by the integrated bash command validators that intercept and block dangerous commands.
Audit Metadata