moai-foundation-core

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill establishes a comprehensive security sandbox that explicitly prevents access to sensitive credential files (e.g., .ssh, .aws, .env) and restricts the execution of dangerous system commands such as sudo, chmod 777, and rm -rf.
  • [SAFE]: It incorporates the TRUST 5 quality framework, which mandates automated security scanning for vulnerabilities (OWASP compliance), hardcoded secrets detection, and dependency auditing.
  • [SAFE]: The skill enforces an Agent-First mandate, requiring all tasks to be delegated to specialized agents rather than executed directly by the core agent, ensuring that every action is subject to validation and logging.
  • [SAFE]: The external development and security tools referenced throughout the modules (e.g., Bandit, Ruff, Black, Pip-audit) are well-known, industry-standard utilities.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 12:18 AM