moai-cc-mcp-plugins

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it retrieves design patterns and documentation from the external context7 service which may influence agent actions.
      1. Ingestion points: Results from the mcp__context7__get-library-docs tool.
      2. Boundary markers: No delimiters or ignore instructions found in the provided templates.
      3. Capability inventory: Authorized to use Bash, Write, and Edit tools.
      4. Sanitization: No explicit sanitization of remote documentation content before processing.
  • [COMMAND_EXECUTION]: The configuration templates specify commands to execute MCP servers via npx and python. This is required for the skill's stated purpose of server orchestration.
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of packages from trusted organizations including @anthropic-ai and the Model Context Protocol organization.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 05:14 PM