
moai-lang-php

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill defines a restricted toolset using the Bash(command:*) pattern, limiting the agent to specific development-related binaries like php, composer, phpunit, and artisan. This follows the principle of least privilege for shell access.
  • [PROMPT_INJECTION] (SAFE): Analysis of the markdown body and metadata revealed no instructions aimed at bypassing AI safety filters, extracting system prompts, or overriding core behavioral constraints.
  • [DATA_EXFILTRATION] (SAFE): No hardcoded credentials, sensitive file paths (e.g., .ssh, .env), or unauthorized network operations were detected. The skill focuses entirely on local code development and documentation lookup.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill possesses a surface for indirect injection as it is designed to ingest and process untrusted project files (PHP, JSON, YAML). Evidence Chain:
      1. Ingestion points: reads .php and composer.json files.
      2. Boundary markers: Absent.
      3. Capability inventory: restricted bash access to PHP binaries and Artisan.
      4. Sanitization: Not explicitly defined in instructions.
    This is a standard risk for development-focused agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:39 PM