moai-harness-learner
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Orchestrates the modu-ai vendor-specific 'moai' CLI to perform system status checks, retrieve proposal payloads, and manage rollback snapshots. These operations are scoped to the project environment.
- [PROMPT_INJECTION]: The skill acts as a surface for indirect prompt injection by displaying learning subsystem data to the user.
- Ingestion points: External data from the learning observer enters the context via the 'moai harness apply' JSON payload.
- Boundary markers: Absent; the data is interpolated directly into the 'AskUserQuestion' template.
- Capability inventory: The skill possesses filesystem modification (Write, Edit) and command execution (Bash) capabilities.
- Sanitization: No specific sanitization or escaping logic is described for the proposed content values before they are presented in the user prompt.
- [SAFE]: Incorporates a 'Frozen Guard' (Layer 1 Safety) which explicitly prohibits modifications to core agent skills, instructions, and rules, effectively mitigating risks of self-modification or lateral movement within the system environment.
Audit Metadata