moai-workflow-spec

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a structured approach for requirement engineering using the EARS (Easy Approach to Requirements Syntax) format, which promotes clarity and reduces ambiguity in project planning.
  • [SAFE]: Command execution is limited to benign Git, file system (ls, mkdir, find), and text processing (grep, wc) operations necessary for project organization and migration.
  • [SAFE]: The provided templates for authentication and payment processing demonstrate security best practices, such as using bcrypt for hashing, JWT for tokens, and emphasizing PCI DSS compliance principles.
  • [SAFE]: The skill uses placeholders for sensitive configuration (e.g., <RSA_PRIVATE_KEY>) rather than hardcoding actual credentials.
  • [SAFE]: The documentation includes a bash script for validating project structure that uses only standard, low-risk utilities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 10:57 AM
Security Audit — agent-trust-hub — moai-workflow-spec