moai-workflow-project
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill implementation follows secure coding practices for a workflow automation tool. No hardcoded credentials, malicious persistence mechanisms, or unauthorized data access patterns were identified across the instructions or templates.
- [EXTERNAL_DOWNLOADS]: The skill documentation and schemas (e.g., in
references/overview.mdandschemas/config-schema.json) reference several integrated modules and libraries within the vendor's ecosystem, such asmoai-foundation-core,moai-workflow-docs, andmoai-workflow-templates. The skill utilizes standard package managers (pip,npm,uv) to manage these dependencies, which is consistent with its role as a project initialization and management tool. - [SAFE]: The skill provides a specification-driven documentation workflow (detailed in
references/examples.md) that interpolates data from SPECs into markdown templates. While this process involves handling user-controlled data, it is a core functional requirement and no malicious exploitation patterns or bypasses were found.
Audit Metadata