moai-foundation-claude
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of Markdown documentation and YAML frontmatter. No executable scripts (.sh, .py, .js) or binary files are included within the skill package.
- [SAFE]: All external resource references, including documentation links and package suggestions, target official Anthropic/Claude Code domains or well-known, trusted technology services (e.g., GitHub, NPM).
- [SAFE]: The skill's own
allowed-toolsconfiguration is limited to file system read/write and specific MCP documentation tools, lacking theBashtool required for direct system command execution. - [SAFE]: Security-related documentation within the kit (covering IAM, sandboxing, and hooks) encourages best practices, such as the principle of least privilege and the use of security boundaries.
Audit Metadata