moonbit-practice
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the official MoonBit CLI installation script from cli.moonbitlang.com in its CI templates.
- [REMOTE_CODE_EXECUTION]: The toolchain installation instructions involve fetching and executing a remote shell script via bash.
- [COMMAND_EXECUTION]: The skill provides examples for running MoonBit toolchain commands, nix shell commands, and various build-time scripts.
- [DATA_EXFILTRATION]: The guide mentions libraries such as @x/fs and @x/sys which provide access to the file system and environment variables.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection within its CI workflow templates.
- Ingestion points: CI configuration files in the assets/ directory and SKILL.md.
- Boundary markers: No explicit markers are used in the templates to delimit external data.
- Capability inventory: Includes subprocess execution (via moon and pnpm) and file system operations.
- Sanitization: The provided examples do not include input sanitization for data processed in CI pipelines.
Audit Metadata