moai-workflow-tdd
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (SAFE): No direct instructions to bypass safety filters or override system constraints were found.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or attempts to access sensitive system files (e.g., SSH keys) were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not perform remote downloads or execute scripts from external URLs.
- [Indirect Prompt Injection] (LOW): The skill possesses an attack surface for indirect prompt injection. 1. Ingestion points: The skill is instructed to read SPEC documents and acceptance criteria (mentioned in SKILL.md). 2. Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded instructions in the ingested data. 3. Capability inventory: The skill has permission to read, write, and edit files, and use numerous bash tools including package managers (SKILL.md). 4. Sanitization: Absent; no explicit requirement to sanitize or validate external input before processing is specified.
Audit Metadata