moai-docs-generation
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill exhibits no malicious patterns such as prompt injection, data exfiltration, or obfuscation. Its behavior aligns with its stated purpose of generating documentation templates and API guides.
- [PROMPT_INJECTION]: The skill utilizes tools to fetch external data, which technically creates an indirect prompt injection surface. This is a functional requirement for documentation generation.
- Ingestion points: Documentation and library data are ingested through
WebFetchand themcp__context7__get-library-docstool. - Boundary markers: The provided documentation templates do not explicitly define boundary markers to separate external content from instructions.
- Capability inventory: The skill has the capability to create directories and write files to the local file system (e.g.,
Path.mkdirandPath.write_text). - Sanitization: The skill documentation does not specify sanitization or validation routines for the fetched external content.
- [EXTERNAL_DOWNLOADS]: The skill includes references to well-known technology sites such as the official TypeScript documentation and Prettier's GitHub repository. These are trusted sources and do not pose a security risk.
Audit Metadata