moai-workflow-templates

Warn

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [Dynamic Execution] (MEDIUM): The template-optimizer.md module performs automated project restoration that modifies local files.
      • Evidence: Functions restore_from_backup and smart_merge in modules/template-optimizer.md scan the .moai-backups/ directory and apply stored content to the active project.
      • Risk: This mechanism could be exploited to persist malicious code or configuration if the backup directory is compromised.
  • [Indirect Prompt Injection] (LOW): The feedback mechanism in modules/feedback-templates.md processes untrusted data.
      • Ingestion points: User input from the /moai:9-feedback command (modules/feedback-templates.md).
      • Boundary markers: Absent; user input is interpolated directly into templates without delimiters.
      • Capability inventory: Automatic GitHub issue creation (Network Write).
      • Sanitization: Absent; no validation or escaping shown for user-provided descriptions.
  • [Data Exposure & Exfiltration] (LOW): Automated network communication with GitHub.
      • Evidence: modules/feedback-templates.md triggers automated GitHub issue creation based on user-supplied parameters.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 18, 2026, 03:16 PM