moonbit-refactoring
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes MoonBit source code from the project environment. Adversarial content within the codebase could potentially influence the agent's refactoring logic or test execution.\n
- Ingestion points: The agent accesses the local filesystem to read MoonBit files (.mbt), package metadata, and CLI tool outputs like
moon doc.\n - Boundary markers: The instructions do not define delimiters or specific warnings to ignore embedded instructions within the source code being refactored.\n
- Capability inventory: The skill utilizes the
moonCLI for actions including code checking, document generation, and test execution (moon test), which involves running code from the project.\n - Sanitization: There is no evidence of code sanitization or safety checks performed on the project source code before it is analyzed or executed.\n- [COMMAND_EXECUTION]: The skill executes various
moonCLI commands (e.g.,moon check,moon test,moon ide) to perform its intended functions. These tools are the official toolchain for the MoonBit language provided by the vendor.
Audit Metadata