harness-moaiadk-best-practices
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents defensive engineering practices designed to improve code quality and security. Key findings include:
- [HARDCODING_PREVENTION]: Explicit instructions to avoid hardcoding URLs, model names, organization names, and API headers, requiring them to be extracted to constants or configuration files.
- [TEST_ISOLATION]: Enforcement of
t.TempDir()for Go tests to ensure filesystem isolation and automatic cleanup, preventing parallel test pollution and sensitive data residue. - [VERIFICATION_INTEGRITY]: A required reporting format that mandates evidence-based claims for test results and linting, explicitly forbidding unobserved claims and reducing the risk of misinformation.
- [SECURED_GATE]: Integration of OWASP-aligned security reviews as a mandatory quality pillar for code merges.
- [COMMAND_EXECUTION]: While the skill mentions standard Go development tools such as
go test,golangci-lint, andgo fmt, these are contextually appropriate for a technical reference guide and do not involve arbitrary or dangerous command execution.
Audit Metadata