moai-cc-settings
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a standard utility for managing agent preferences and settings. Analysis of the markdown and JSON templates reveals no malicious intent, obfuscation, or unauthorized data exfiltration mechanisms.
- [DATA_EXPOSURE]: The settings template follows security best practices by using environment variable placeholders (e.g.,
${ANTHROPIC_API_KEY}) instead of hardcoded secrets. It also proactively defines denied paths for sensitive files like.envandsecrets/**to prevent accidental exposure. - [COMMAND_EXECUTION]: The skill's configuration template explicitly restricts the use of dangerous system commands such as
sudo,curl, and recursive deletion (rm -rf), enforcing a principle of least privilege for the agent's operation.
Audit Metadata