moai-core-spec-authoring
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily educational and structural, providing templates and guides for 'EARS' (Easy Approach to Requirements Syntax). No malicious prompt injections, obfuscation, or data exfiltration patterns were detected.
- [COMMAND_EXECUTION]: The skill includes a bash utility script (
examples/validate-spec.sh) designed to validate the metadata of specification files. Analysis of the script confirms it performs local pattern matching using 'ripgrep' (rg) to verify field formatting and does not execute untrusted remote code or access sensitive system directories. - [EXTERNAL_DOWNLOADS]: The documentation contains references to official standards (IEEE, ISO) and well-known service documentation (AWS, Sendgrid, YAML.org). These are informational links and do not involve automated or suspicious downloads.
Audit Metadata