moai-formats-data

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Threat categories: REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Unsafe Deserialization] (HIGH): The technology stack explicitly lists 'pickle' for object serialization. This poses a significant risk of Remote Code Execution (RCE) if the agent deserializes untrusted data provided by an attacker.
  • [Indirect Prompt Injection] (HIGH): The skill is designed to ingest and process untrusted external data (JSON, YAML, TOON) and has the capability to write or edit files.
    1. Ingestion points: process_json_stream, load_fast, and TOONEncoder.decode.
    2. Boundary markers: No boundary markers or 'ignore' instructions are defined to separate data from instructions.
    3. Capability inventory: Includes Write and Edit tools, allowing data-driven modifications to the file system.
    4. Sanitization: While validation tools are mentioned, they are not specifically configured to mitigate prompt injection attacks embedded within data structures.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 09:08 PM