mochi-srs

Pass

Audited by Gen Agent Trust Hub on Jun 3, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a custom Python CLI tool (bin/mochi) to perform operations such as fetching due cards and submitting review results. This is the primary mechanism for the skill's functionality.
  • [EXTERNAL_DOWNLOADS]: The bin/mochi script performs network requests to https://app.mochi.cards/api for synchronizing with the Mochi service. This communication is restricted to the official API endpoint required for the tool's functionality.
  • [PROMPT_INJECTION]: The skill processes flashcard content, creating an ingestion surface for potential indirect prompt injection.
  • Ingestion points: Flashcard content is fetched from the Mochi API and local database via the mochi next, mochi new, and mochi get commands in bin/mochi.
  • Boundary markers: Absent. The skill instructions do not explicitly require the use of delimiters for card content.
  • Capability inventory: The skill can execute local commands, write to the local file system (appending mnemonics to cards), and perform network operations via the Mochi API using the mochi CLI script.
  • Sanitization: Absent. Flashcard content is processed and displayed as retrieved from the database or API.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 3, 2026, 12:15 PM
Security Audit — agent-trust-hub — mochi-srs