moai-workflow-gan-loop

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from project configuration files and BRIEF documents.
  • Ingestion points: Reads project parameters from .moai/config/sections/design.yaml, design.yaml, and user-provided BRIEF documents.
  • Boundary markers: The instructions provide no explicit delimiters, and no guidance for the agent to isolate or ignore instructions found within these external data sources.
  • Capability inventory: The skill is authorized to use the Bash, Write, and Edit tools, which could be abused if malicious instructions are successfully injected via the input files.
  • Sanitization: No content validation or sanitization mechanism is described for the processed data.
  • [COMMAND_EXECUTION]: The skill is designed to execute shell commands via Bash and Playwright to perform automated testing and verification steps during the design loop.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 03:31 PM