moai-project-template-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through its core template processing and merging functionality.
  - Ingestion points: The skill reads and analyzes content from project backups (located in '.moai-backups/'), configuration files ('.claude/settings.json', '.moai/config.json'), and project documentation ('CLAUDE.md').
  - Boundary markers: The instructions for merging and comparing these files do not specify the use of delimiters or explicit 'ignore embedded instructions' warnings, creating a risk that malicious instructions in the processed files could influence the agent.
  - Capability inventory: The skill is authorized to use tools such as 'Read', 'Glob', and 'Grep' to access project files. Documentation also references shell-like operations ('ls', 'find', 'tar') for discovery and extraction.
  - Sanitization: There is no evidence of structural validation or content sanitization for the data being merged from either local project files or external backups.