moai-workflow-testing

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and analyze untrusted data from local codebases and pull request metadata.
  • Ingestion points: The skill reads source code files, configuration files (e.g., CLAUDE.md), and pull request summaries to provide reviews and testing guidance as documented in modules/automated-code-review.md and modules/code-review/core-classes.md.
  • Boundary markers: There are no explicit instructions or delimiters defined in the markdown modules to isolate untrusted project code from the agent's core instructions.
  • Capability inventory: The skill possesses extensive capabilities, including Bash access for multiple development tools and the ability to perform Read, Write, and Edit operations on the filesystem.
  • Sanitization: While the implementation uses Python's ast module for structural analysis, there is no evidence of filtering or escaping logic applied to the raw code content before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill's modules contain logic for executing various local command-line tools to perform its primary functions.
  • Evidence: modules/static-analysis.md implements wrappers for pylint, flake8, bandit, and mypy using subprocess.run.
  • Evidence: modules/ddd-context7/analyze-preserve-improve.md and modules/ddd/core-classes.md execute pytest with coverage reporting.
  • Evidence: modules/ddd-context7/advanced-features.md includes commands for mutation testing (mutmut) and continuous testing (pytest_watch).
  • [EXTERNAL_DOWNLOADS]: The skill interacts with an external documentation provider to fetch current best practices and patterns.
  • Evidence: modules/automated-code-review/context7-integration.md uses the mcp__context7__get-library-docs tool to retrieve patterns from libraries such as /security/semgrep, /performance/python-profiling, and /code-quality/sonarqube.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 10:57 AM
Security Audit — agent-trust-hub — moai-workflow-testing