moai-core-language-detection
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection vulnerability surface as it is designed to ingest and interpret data from external, untrusted configuration files.
  - Ingestion points: The logic in `SKILL.md` describes reading and parsing data from `package.json`, `pyproject.toml`, `Cargo.toml`, and `go.mod`.
  - Boundary markers: The skill does not define specific delimiters or instructional guardrails to ensure the agent treats the content of these files strictly as data rather than as instructions.
  - Capability inventory: The skill uses `Read` and `Bash` (grep, ripgrep) tools, which provide the agent with access to the file system and pattern-matching capabilities that could be abused if the agent is manipulated by malicious content within a manifest file.
  - Sanitization: There is no evidence of validation or sanitization of the values extracted from file fields (e.g., 'description', 'version', or custom metadata) before they are presented to the agent.