moai-domain-research
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [SAFE]: Skill instructions define a legitimate research workflow without suspicious behavior or obfuscation.
- [DATA_EXFILTRATION]: The skill reads project-level technical context from .moai/project/tech.md to ground its search queries. This is a local read for context purposes and does not represent an exfiltration risk.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted content from the internet.
  * Ingestion points: Data enters the context via WebSearch and WebFetch tool outputs.
  * Boundary markers: The skill does not currently specify the use of delimiters or 'ignore' instructions when writing synthesized research to research.md.
  * Capability inventory: The skill has permissions to read/write files and use network tools.
  * Sanitization: There is no explicit sanitization step for the content retrieved from external sources before it is written to the project directory.