moai-core-expertise-detection

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user input to dynamically adjust security-related behaviors, such as confirmation requirements.
    1. Ingestion points: All user queries and code examples provided during interaction are analyzed for expertise signals.
    2. Boundary markers: The skill lacks explicit instructions to differentiate between user data and control signals for expertise assessment.
    3. Capability inventory: The 'Expertise Level Framework' instructs the agent to skip confirmation gates for medium-risk actions when a user is classified as an 'Expert', reducing human-in-the-loop oversight.
    4. Sanitization: No input validation is present to prevent users from spoofing technical signals to lower security barriers.
  • [PROMPT_INJECTION]: Documented 'Override Mechanisms' allow users to force the agent into 'Expert' mode using keywords like 'quick' or 'fast'. This provides a direct path for users to influence the agent's internal state and associated security configurations without proper validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 05:14 PM