moai-lang-r
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, hidden code, or unauthorized network operations were identified in the skill files.- [COMMAND_EXECUTION]: The skill uses terminal access (Bash) for legitimate development tasks like running R tests and linters. No arbitrary or unsafe command execution patterns were found.- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes external source code and configuration files. This is inherent to its function as a code analysis tool.
- Ingestion points: R source code and project configuration files via the 'Read' tool.
- Boundary markers: No explicit delimiters or protection instructions are present in the documentation.
- Capability inventory: Access to terminal and file system tools.
- Sanitization: No data validation or sanitization logic was found in the analyzed instructions.
Audit Metadata