moai-essentials-refactor
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious logic, hardcoded credentials, or obfuscation was found. The code implementation is consistent with an enterprise refactoring tool.
- [EXTERNAL_DOWNLOADS]: The skill uses WebFetch and the Context7 MCP tool to fetch documentation from well-known repositories like Refactoring.Guru and python-rope. These are handled as neutral documentation fetches and do not escalate the verdict.
- [COMMAND_EXECUTION]: The tool is authorized to use Bash and Edit to modify local files, which is necessary for refactoring but represents a high-privilege toolset.
- [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes external source code using powerful agent tools.
  - Ingestion points: Reads local project files via Read, Glob, and rope.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are implemented in the analysis patterns.
  - Capability inventory: The agent has access to Bash, Edit, and WebFetch tools, providing a broad surface for unauthorized actions if the agent is manipulated via the code it reads.
  - Sanitization: No sanitization of code content or comments is demonstrated in the examples.
Audit Metadata