moai-workflow-github

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git, gh (GitHub CLI), and tmux to perform repository management tasks such as creating branches, pushing code, and creating/reviewing pull requests. These actions are standard for the tool's intended purpose.
  • [COMMAND_EXECUTION]: Utilizes dynamic context injection (the !command syntax) in SKILL.md to retrieve repository information and check for environment variables like CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS upon loading.
  • [PROMPT_INJECTION]: Exhibits an attack surface for indirect prompt injection by fetching and processing external data from GitHub issues and pull request diffs.
      • Ingestion points: Fetches issue descriptions and code diffs in SKILL.md, which are then passed to sub-agents for analysis and review.
      • Boundary markers: Does not specify explicit delimiters or 'ignore' instructions for the external content provided to sub-agents.
      • Capability inventory: Sub-agents have access to powerful tools including Write, Edit, and Bash to perform their tasks.
      • Sanitization: No explicit sanitization of the external content is performed prior to prompt interpolation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 03:31 PM