moai-formats-data

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill has a high-risk attack surface for indirect prompt injection.
  • Ingestion points: The skill ingests untrusted data through TOONEncoder.decode (in modules/toon-encoding.md), JSONOptimizer.deserialize_fast, and DataValidator.validate (referenced in SKILL.md and modules/README.md).
  • Boundary markers: There are no explicit boundary markers or 'ignore' instructions implemented in the provided code to prevent the model from executing commands embedded within the data formats.
  • Capability inventory: The skill is granted powerful tools including Write, Edit, and mcp__context7__resolve-library-id (per SKILL.md), allowing it to modify the file system based on processed data.
  • Sanitization: While modules/README.md mentions a sanitized_data field, no actual sanitization logic is provided in the implementation files to filter out malicious natural-language instructions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 09:29 AM