Skills
skills/jg-chalk-io/nora-livekit/moai-change-logger/Gen Agent Trust Hub

moai-change-logger

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests the Bash tool and describes logic for tracking commands_executed via functions like track_command_history(). This enables the agent to monitor and record shell activity for auditing purposes.
  • [DATA_EXFILTRATION]: The skill utilizes Read, Bash, and WebFetch tools to aggregate sensitive local data including file contents, Git history, and developer activity logs. While this is used for change analytics, the capability to read local logs and access the network creates a surface for potential data exposure.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing untrusted data from the local environment.
  • Ingestion points: Monitored file contents, Git commit messages, and shell command history logs.
  • Boundary markers: There are no documented delimiters or instructions used to separate monitored content from agent instructions in the provided snippets.
  • Capability inventory: The skill has access to Bash, Write, WebFetch, and Read tools.
  • Sanitization: No validation or escaping of the ingested log data is demonstrated in the implementation patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 2, 2026, 05:14 PM