The Agent Skills Directory

[SAFE]: No malicious instructions, obfuscation, or persistence mechanisms were detected within the skill's documentation or metadata. The skill's stated purpose aligns with its intended tool usage and documented workflows.\n- [COMMAND_EXECUTION]: The skill requires access to the Bash tool to run legitimate development utilities, including linters (pylint, eslint), security scanners (npm audit, safety), and formatters. These tools are used for their standard purposes within the code review process.\n- [PROMPT_INJECTION]: As the skill is designed to process external source code (untrusted data), it possesses an attack surface for indirect prompt injection. However, the skill does not exhibit any unsafe interpolation or instructions that would cause the agent to deviate from its core analysis tasks.

moai-essentials-review