moai-workflow-jit-docs

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
  • Prompt Injection (MEDIUM): The skill is vulnerable to Indirect Prompt Injection due to its core function of loading external content into the agent context.
      • Ingestion points: External data is ingested via the WebFetch and WebSearch tools, as well as local files through Read, Grep, and Glob tools.
      • Boundary markers: The implementation guide does not specify the use of delimiters or 'ignore' instructions when processing retrieved documentation.
      • Capability inventory: The skill possesses network access (WebFetch, WebSearch) and local file read access (Read, Grep, Glob), creating a path for data exfiltration if the agent is misled by injected instructions.
      • Sanitization: The instructions do not define any sanitization, filtering, or validation steps for the content retrieved from external sources before it is utilized by the agent loop.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:27 AM