moai-lang-shell
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides extensive templates and best practices for executing shell commands, including error handling, signal trapping, and parallel processing via background jobs.
- [EXTERNAL_DOWNLOADS]: References standard system package managers (brew, apt-get, yum) and npm to install development tools like ShellCheck and bats-core.
- [CREDENTIALS_UNSAFE]: Includes illustrative documentation examples that use dummy strings such as 'secret123' for API key and configuration keys.
- [PROMPT_INJECTION]: The skill's functionality for reading and processing external files creates an attack surface for indirect prompt injection.
- Ingestion points: Data is ingested from files like 'input.txt', 'config.txt', and '.config' as demonstrated in code examples.
- Boundary markers: No delimiters or instructions to disregard embedded commands within the ingested data are present in the provided patterns.
- Capability inventory: The skill is used by an agent with the 'Bash' tool for command execution and 'Read' tool for file access.
- Sanitization: There is no evidence of content validation or escaping for the data read from external sources before being used in script logic.
Audit Metadata