moai-project-config-manager
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for local project configuration management within the .moai/ directory. It uses standard file operations to perform CRUD tasks on a JSON configuration file.
- [COMMAND_EXECUTION]: The skill includes a local validation script (validate.py) and utilizes standard system tools for file manipulation, which are consistent with its documented purpose.
- [PROMPT_INJECTION]: The instructions and examples focus strictly on configuration logic and state management. There are no attempts to override agent safety protocols or hijack the conversation flow.
- [DATA_EXFILTRATION]: The skill does not perform any network operations. Data access is restricted to the project-specific configuration files, and no access to sensitive system paths or credentials was found.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes user-controlled data (project settings), it implements strong sanitization.
  - Ingestion points: .moai/config/config.json.
  - Boundary markers: Uses a strict JSON schema for structural validation.
  - Capability inventory: File writing and local command execution (for validation).
  - Sanitization: Implements character limits (e.g., 20 chars for nickname) and regex-based input validation (^[a-zA-Z0-9가-힣ぁ-ゔ一-龯\s]+$) to prevent malicious payload injection.
Audit Metadata