moai-docs-generation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes Bash tools for documentation building (sphinx-build, mkdocs, typedoc). These are restricted to specific, expected binaries in the metadata's allowed-tools list, following least-privilege principles.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill recommends installation of well-known documentation packages from official registries (PyPI, NPM). No downloads from unverified or suspicious third-party sites were detected.
- [PROMPT_INJECTION] (LOW): The skill defines patterns for generating documentation by reading external data, which represents an indirect prompt injection surface.
  - Ingestion points: Source code docstrings, API annotations, and MoAI SPEC files (as noted in SKILL.md and modules/code-documentation.md).
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instruction' warnings when parsing code for documentation.
  - Capability inventory: The agent possesses Bash execution (npm, npx, sphinx-build, mkdocs, typedoc) and File Write/Edit permissions.
  - Sanitization: No explicit sanitization or validation of the ingested strings is suggested before they are processed into documentation artifacts.