harness-moaiadk-best-practices

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill documents defensive engineering practices designed to improve code quality and security. Key findings include:
  • [HARDCODING_PREVENTION]: Explicit instructions to avoid hardcoding URLs, model names, organization names, and API headers, requiring them to be extracted to constants or configuration files.
  • [TEST_ISOLATION]: Enforcement of t.TempDir() for Go tests to ensure filesystem isolation and automatic cleanup, preventing parallel test pollution and sensitive data residue.
  • [VERIFICATION_INTEGRITY]: A required reporting format that mandates evidence-based claims for test results and linting, explicitly forbidding unobserved claims and reducing the risk of misinformation.
  • [SECURED_GATE]: Integration of OWASP-aligned security reviews as a mandatory quality pillar for code merges.
  • [COMMAND_EXECUTION]: While the skill mentions standard Go development tools such as go test, golangci-lint, and go fmt, these are contextually appropriate for a technical reference guide and do not involve arbitrary or dangerous command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 03:51 PM
Security Audit — agent-trust-hub — harness-moaiadk-best-practices