moai-domain-web-api

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill architecture is susceptible to indirect prompt injection because it processes untrusted data from external sources.
      • Ingestion points: The skill reads source code, configuration files, and test suites from project directories (SKILL.md).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided documentation.
      • Capability inventory: The skill has access to the Bash and Read tools, which creates a potential execution path if malicious instructions are processed (SKILL.md).
      • Sanitization: No content filtering or validation of external file data is described.
  • [NO_CODE]: The skill contains no executable scripts or source code files and consists entirely of documentation and metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:07 AM