Skills
skills/modu-ai/moai-rank/moai-lang-elixir/Gen Agent Trust Hub

moai-lang-elixir

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool to run standard Elixir development commands such as mix phx.server, mix ecto.migrate, and mix deps.get. These are routine operations for the stated purpose of the skill.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references mix deps.get for dependency management. While this initiates network connections to Hex.pm (the official Elixir package registry), it is the standard and trusted method for managing Elixir dependencies.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to analyze and process Elixir source files which could contain malicious instructions.
  • Ingestion points: Processes files with .ex, .exs, and mix.exs extensions.
  • Boundary markers: No specific delimiters or safety instructions are defined to separate code from instructions.
  • Capability inventory: Access to Bash, Read, Grep, and Glob tools.
  • Sanitization: No evidence of input sanitization or validation before processing file content.
  • Assessment: Typical for development skills; the risk is present but inherent to the functionality.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:20 PM