moai-baas-neon-ext
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill creates an indirect prompt injection vulnerability surface by fetching external data into a high-privilege context.
  - Ingestion points: The skill utilizes `mcp__context7__get-library-docs` and `WebFetch` to retrieve documentation and architectural guidance from external sources.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions embedded within the fetched documentation.
  - Capability inventory: The agent is granted `Bash`, `Write`, and `Edit` permissions, which could be exploited if malicious instructions are present in the documentation processed by the agent.
  - Sanitization: No evidence of input validation or content filtering is present in the implementation snippets.
- [COMMAND_EXECUTION]: The skill explicitly allows and documents the use of the `Bash` tool to interact with the `neon` CLI for database operations such as branch creation and scaling. This behavior is consistent with the skill's stated purpose.
- [EXTERNAL_DOWNLOADS]: Documentation snippets reference standard GitHub Actions (`actions/checkout@v4`) and the official Neon CLI. These resources originate from well-known and trusted organizations and do not represent a security risk.
Audit Metadata