moai-design-system

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a workflow that ingests and acts upon local design files, which represents an indirect prompt injection surface.
  • Ingestion points: Reads design decisions and context from .moai/design/system.md and processed design data from .pen files.
  • Boundary markers: There are no explicit delimiters or specific 'ignore embedded instructions' warnings defined for the content of these ingested files.
  • Capability inventory: The skill is granted file modification capabilities (Write, Edit) and access to the Pencil MCP design manipulation toolset (mcp__pencil__batch_design).
  • Sanitization: The instructions do not include mechanisms for validating or sanitizing the content of the design files before they are processed by the agent.
  • [SAFE]: The skill's metadata and instructional content are consistent with its stated purpose of managing design systems and accessibility.
  • [SAFE]: No remote code execution, external downloads from untrusted sources, or obfuscation techniques were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 01:04 PM
Security Audit — agent-trust-hub — moai-design-system