moai-domain-frontend
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by fetching external documentation that could influence the agent's behavior.
  - Ingestion points: The `FrontendArchitectOptimizer` class utilizes the `mcp__context7__get-library-docs` tool in `SKILL.md` to retrieve external documentation strings.
  - Boundary markers: The skill lacks explicit delimiters or safety instructions when processing the external documentation, which may allow embedded instructions to override system prompts.
  - Capability inventory: The agent is equipped with powerful tools such as `Bash`, `Write`, and `Edit`, which could be misused if an injection occurs.
  - Sanitization: No sanitization or validation logic is applied to the content retrieved from the external documentation source.
- [EXTERNAL_DOWNLOADS]: The skill performs network-based operations to retrieve documentation and assets.
  - MCP Documentation: It retrieves technical documentation for frameworks like React and Next.js via the `mcp__context7__get-library-docs` tool.
  - User Assets: UI components in `SKILL.md` reference the well-known service `api.dicebear.com` to fetch SVG avatar resources based on user IDs.
Audit Metadata