moai-core-config-schema
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool and provides functional shell scripts for repository maintenance. Evidence: SKILL.md contains a Bash script for a pre-commit hook that performs secret scanning on staged files.
- [DATA_EXFILTRATION]: The skill is designed to manage and validate files containing sensitive information, such as environment variables and secrets. Evidence: The documentation defines a multi-layer hierarchy that includes .env files intended for production secrets and database URLs.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes project-specific configuration files that influence agent behavior.
  1. Ingestion points: The agent reads settings from .moai/config/config.json and environment-specific .env files.
  2. Boundary markers: The skill relies on structured JSON formatting but does not implement explicit delimiters to prevent configuration values from being interpreted as instructions.
  3. Capability inventory: The skill possesses Read, Write, Edit, and Bash capabilities which could be targeted by malicious configurations.
  4. Sanitization: It implements JSON Schema v2024-12 validation to ensure structural integrity of the configuration data.
Audit Metadata