moai-docs-linting
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or obfuscation techniques were detected in the skill definitions or metadata.
- [COMMAND_EXECUTION]: The skill documentation includes examples of local script execution for linting tasks (e.g.,
python3 .moai/scripts/lint_korean_docs.py). These are standard automation practices for documentation CI/CD pipelines. - [EXTERNAL_DOWNLOADS]: References well-known and trusted external resources, including the official Markdown Guide and established GitHub repositories for markdown linting tools.
- [SAFE]: Indirect Prompt Injection Surface Evaluation:
- Ingestion points: The skill is designed to process markdown documentation files using
ReadandGlobtools. - Boundary markers: While explicit delimiters are not detailed in the provided Python snippets, the linting logic is restricted to structural regex-based checks.
- Capability inventory: The skill uses
WebSearch,WebFetch, and MCP tools for technical context retrieval. - Sanitization: The validation logic focuses on structural metadata (headers, link protocols, code block tags) rather than executing document content, mitigating injection risks.
Audit Metadata