moai-lang-sql
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines an ingestion surface for indirect prompt injection by processing external data with high-privilege tool access.
- Ingestion points: The skill accepts language-specific source directories and configuration files as inputs (
SKILL.md). - Boundary markers: There are no specified delimiters or instructions to the agent to treat external file content as untrusted data.
- Capability inventory: The skill allows the use of the
Bash(terminal) tool, which provides a pathway for ingested instructions to influence command-line operations. - Sanitization: No sanitization or validation mechanisms are described to mitigate the risk of malicious instructions within processed files.
- [NO_CODE]: No functional scripts or executable binaries are included in the skill; all provided files are markdown-based documentation and metadata.
Audit Metadata