Skills
skills/jg-chalk-io/nora-livekit/moai-foundation-git/Gen Agent Trust Hub

moai-foundation-git

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute Git and GitHub CLI commands for repository management, branching, and releases.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external sources such as Git logs, PR descriptions, and issue comments, which creates a surface for indirect prompt injection.
  • Ingestion points: gh pr view, git log, and gh issue list (found in reference.md).
  • Boundary markers: No delimiters or ignore instructions are used for external content.
  • Capability inventory: The skill has Bash tool permissions to modify the repository and interact with GitHub via CLI.
  • Sanitization: External data is processed without explicit sanitization or validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 2, 2026, 05:15 PM