moai-security-threat
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to process external security data, such as Indicators of Compromise (IOCs) and system alerts, which could potentially contain embedded malicious instructions intended to manipulate the agent's analysis or actions.
- Ingestion points: Untrusted data enters the agent context via the ioc parameter in SKILL.md (Level 3) and the alert parameter in examples.md (Example 5).
- Boundary markers: The code lacks explicit delimiters or instructions to the LLM to ignore potentially adversarial content within the processed data fields.
- Capability inventory: The skill is configured with Bash and WebFetch capabilities, which increase the potential impact of a successful injection attack.
- Sanitization: No input validation or sanitization routines are implemented for the external data before it is passed to the threat intelligence client or logged.
- [EXTERNAL_DOWNLOADS]: Dependency on External Packages. The skill uses the context7-mcp and modsecurity Node.js packages to perform its core security functions. While these appear relevant to the skill's purpose, they represent external code dependencies that are not part of the standard trusted library list.
Audit Metadata