moai-platform-database-cloud

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Category 8: Indirect Prompt Injection (SAFE): The skill utilizes MCP tools (mcp__context7__get-library-docs) to ingest external documentation. This is a standard functional requirement for a documentation specialist skill. While this technically creates a surface for indirect prompt injection, the skill targets well-known, reputable platforms (Google, Supabase, Neon), making the risk negligible.
  • Category 2: Data Exposure & Exfiltration (SAFE): The skill mentions sensitive environment variables such as DATABASE_URL, NEON_API_KEY, and SUPABASE_SERVICE_ROLE_KEY. It provides correct guidance on their use, specifically warning against exposing service role keys to client-side code, which is a security best practice.
  • Category 4: Unverifiable Dependencies & Remote Code Execution (SAFE): The skill recommends standard, industry-recognized packages (e.g., @supabase/supabase-js, @neondatabase/serverless, firebase) from trusted registries. It includes Bash access to package managers like npm and npx, which is expected for a developer-oriented skill.
  • Category 5: Privilege Escalation (SAFE): No evidence of unauthorized privilege escalation attempts. The use of administrative keys is explicitly limited to server-side environments and edge functions in the provided documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:20 PM