The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides structured instructions for utilizing the Bash tool to perform standard development operations, such as environment initialization, automated testing (e.g., pytest, vitest, cargo test), and dependency auditing (e.g., pip-audit, npm audit). These commands are consistent with the skill's stated purpose of managing enterprise language foundations.\n- [EXTERNAL_DOWNLOADS]: The skill references and facilitates downloads from official language repositories, documentation sites, and package registries (e.g., python.org, nodejs.org, pkg.go.dev, crates.io). These are verified well-known technology services and are documented neutrally without alarming language.\n- [PROMPT_INJECTION]: The skill processes untrusted data from local project configuration files (e.g., package.json, pyproject.toml, go.mod) and external documentation fetched via WebFetch and MCP tools, representing an indirect prompt injection surface. Evidence: 1. Ingestion points: Local configuration files via the Read tool and external documentation via WebFetch and mcp__context7__get-library-docs. 2. Boundary markers: Absent from provided code snippets. 3. Capability inventory: Significant toolset including Bash, Write, Edit, and WebFetch. 4. Sanitization: No explicit input sanitization or validation is implemented in the logic snippets provided.

moai-foundation-langs