moai-platform-deployment
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found. The content consists of legitimate technical guides.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or access to sensitive file paths were detected. CI/CD examples correctly use environment variables and platform secrets (e.g., VERCEL_TOKEN, RAILWAY_TOKEN).
- Obfuscation (SAFE): No Base64, zero-width characters, homoglyphs, or other encoding techniques were found in the files.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard, well-known CLI tools and packages (e.g., @railway/cli, @vercel/kv) from official registries. No piped remote execution or malicious download patterns were detected.
- Privilege Escalation & Persistence (SAFE): No commands related to privilege escalation (sudo/chmod 777) or persistence mechanisms (crontab/startup scripts) were identified.
- Indirect Prompt Injection (SAFE): The skill documentation does not ingest or interpolate untrusted external data into agent prompts. It primarily serves as a static reference for deployment configurations.
Audit Metadata