moai-readme-expert
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted project configuration data.
- Ingestion points: The ProjectAnalyzer class reads and parses files such as package.json, requirements.txt, and Cargo.toml from the project directory.
- Boundary markers: There are no explicit instructions or delimiters used to prevent the agent from following instructions potentially hidden within project metadata.
- Capability inventory: The skill utilizes tools like Bash, Write, Edit, and WebFetch.
- Sanitization: Metadata extracted from the project is interpolated directly into templates without verification or sanitization.- [COMMAND_EXECUTION]: The skill uses the Bash tool to perform project structure analysis and support automated documentation tasks.- [EXTERNAL_DOWNLOADS]: The skill fetches project status and version badges from well-known services including Shields.io, GitHub, Travis-CI, CircleCI, and GitLab.
Audit Metadata