moai-platform-database-cloud

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill provides the ability to fetch external documentation via the mcp__context7__get-library-docs tool, which introduces a potential vector for malicious instructions embedded in remote documentation. Evidence:
      1. Ingestion points: Output from mcp__context7__get-library-docs (SKILL.md).
      2. Boundary markers: Absent; no instructions provided to ignore or delimit embedded commands in external documentation.
      3. Capability inventory: Extensive Bash execution permissions for tools like psql, npm, npx, neonctl, firebase, and supabase, plus file Write access.
      4. Sanitization: Absent; content from library docs is processed directly.
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes Bash tool-specific wildcards for database management and package installation. These capabilities are directly aligned with the skill's purpose as a platform specialist and do not exhibit malicious patterns.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 04:11 PM