Skills
skills/modu-ai/moai-rank/moai-lang-r/Gen Agent Trust Hub

moai-lang-r

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to trigger on and read user-controlled files such as .R, .Rmd, and renv.lock. Since the skill also has permissions to execute code via Bash(R:*), an attacker could embed malicious instructions in these data files to influence the agent's behavior.
  • Ingestion points: Files with extensions .R, .Rmd, .qmd, as well as DESCRIPTION and renv.lock files.
  • Boundary markers: Absent. The skill does not provide specific instructions to the agent to treat content within these files as untrusted data.
  • Capability inventory: Uses Bash(R:*), Bash(Rscript:*), Read, Grep, and Glob tools.
  • Sanitization: Absent. There are no patterns for escaping or validating the content of the processed files.
  • Command Execution (SAFE): The skill uses Bash(R:*) and Bash(Rscript:*) to execute R code. While arbitrary code execution is a high-privilege capability, it is the primary and intended purpose of this R development specialist skill.
  • External Downloads (SAFE): The skill references renv::install for package management. This is a standard and expected practice for R project dependency management.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:21 PM