moai-platform-supabase
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions were found that attempt to override system behavior, bypass safety filters, or extract system prompts.
- [DATA_EXFILTRATION] (SAFE): The skill contains no hardcoded credentials. It correctly uses environment variable placeholders (e.g.,
SUPABASE_SERVICE_ROLE_KEY) in its code templates. No unauthorized network or file system access patterns were identified. - [REMOTE_CODE_EXECUTION] (SAFE): The skill references standard, reputable sources for Deno and Supabase libraries (deno.land, esm.sh). No suspicious remote script execution (e.g., curl-to-bash) is present.
- [INDIRECT_PROMPT_INJECTION] (INFO): The skill uses MCP tools (
mcp__context7__get-library-docs) to ingest external documentation. This represents a potential ingestion surface for untrusted data; however, the skill's defined capabilities are restricted to information retrieval and architectural guidance, with no authorized tools for automated execution or file modification, resulting in a negligible risk profile.
Audit Metadata