The Agent Skills Directory

[METADATA_POISONING]: The skill body contains self-authoritative trust and safety claims, such as "Trust Score: 9.6/10" and "Enterprise Approved," which cannot be independently verified and are designed to mislead users regarding the skill's safety profile.\n- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external project documentation and web content.\n- Ingestion points: Uses WebFetch, WebSearch, and Read tools to ingest external files and data.\n- Boundary markers: Templates lack explicit delimiters or instructions to ignore embedded commands within ingested data.\n- Capability inventory: Tools are provided for documentation generation and retrieval of library documentation from Context7.\n- Sanitization: No data validation or sanitization processes are described for content fetched from the web or project files.

moai-project-documentation