moai-cc-hooks
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill includes security-oriented validation scripts (
pre-bash-check.shandvalidate-bash-command.py) that implement a blacklist to block high-risk commands such asrm -rf /,sudo, and piping remote content to bash. - [SAFE]: The permission management script (
preserve-permissions.sh) uses standard system utilities (stat,chmod) to maintain file integrity during hook operations without requesting elevated privileges. - [SAFE]: All external data retrieval is performed through defined MCP tools (
mcp__context7__get-library-docs) targeting an enterprise-focused documentation library. - [SAFE]: No obfuscation, data exfiltration patterns, or hardcoded credentials were detected in the provided scripts or documentation.
Audit Metadata