moai-domain-monitoring

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external sources and processes it using an agent equipped with execution-capable tools.
  • Ingestion points: Data is brought into the agent context via the WebFetch tool, the Read tool, and the mcp__context7__get-library-docs tool (used in SKILL.md to fetch monitoring documentation).
  • Boundary markers: The skill's instructions place no explicit delimiters around data from external sources and include no safety system instructions telling the agent to ignore that data or treat it as untrusted content.
  • Capability inventory: The skill provides access to powerful tools including Bash, Write, and Edit, which could be abused if an injected instruction is followed.
  • Sanitization: There is no evidence of sanitization, filtering, or validation for content retrieved from external sources before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:06 AM