moai-baas-convex-ext
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill architecture is susceptible to indirect prompt injection.
  - Ingestion points: Fetches library documentation using the mcp__context7__get-library-docs tool as shown in SKILL.md.
  - Boundary markers: The implementation snippets do not include explicit delimiters or instructions to ignore embedded commands in the fetched documentation.
  - Capability inventory: The skill is allowed to use powerful tools including Bash, Write, and Edit.
  - Sanitization: No sanitization or validation of the external content is present before processing.
- [COMMAND_EXECUTION]: The skill requests access to the Bash tool to perform backend orchestration and setup tasks, providing a high-privilege execution environment.
- [EXTERNAL_DOWNLOADS]: The skill utilizes WebFetch and the Context7 MCP to download documentation for Convex and TypeScript; these are well-known technical resources aligned with the skill's stated purpose.
Audit Metadata