moai-tool-ast-grep
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill utilizes the Bash tool to execute 'sg' (ast-grep) commands. This is the intended primary purpose of the skill for performing structural searches and refactors.
- EXTERNAL_DOWNLOADS (SAFE): The skill provides installation instructions for the @ast-grep/cli package via npm, brew, and cargo. These are trusted package registries for the required dependency.
- PROMPT_INJECTION (LOW): Indirect Prompt Injection vulnerability surface (Category 8).
- Ingestion points: The skill ingest external codebase data through the source directory paths provided to the 'sg' command.
- Boundary markers: No explicit markers or 'ignore embedded instructions' warnings are used when processing the files.
- Capability inventory: The skill has access to powerful tools including Bash, Read, Grep, and Glob.
- Sanitization: No sanitization or validation of the ingested code content is specified; the agent relies on the structural parsing of ast-grep to avoid executing instructions contained within the analyzed data.
Audit Metadata