moai-workflow-jit-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill retrieves and processes documentation from untrusted external sources, including community forums and web searches, creating a surface for indirect prompt injection.
- Ingestion points: Data enters through the WebFetch and WebSearch tools as described in SKILL.md.
- Boundary markers: No explicit delimiters or warnings are defined to prevent the agent from following instructions embedded within retrieved documentation.
- Capability inventory: The skill allows the agent to read local project files and use web tools, which could be exploited if malicious content is processed.
- Sanitization: No sanitization of external content is specified in the implementation guide.
- [External Downloads] (LOW): The skill relies on fetching documentation from the internet, which is necessary for its function but inherently depends on the security of the sources accessed.
Audit Metadata