The Agent Skills Directory

[PROMPT_INJECTION]: The skill implements an indirect prompt injection surface by ingesting untrusted data to influence agent behavior and response strategies.
Ingestion points: Processes data through learn_from_session(session_data), adapt_responses(user_feedback), and integrate_user_feedback(feedback_data) in the SKILL.md file.
Boundary markers: No boundary markers or instructions to ignore embedded commands were found in the processing logic for external data.
Capability inventory: The skill utilizes the Bash, Write, Read, Glob, and Grep tools, providing high-privilege access to the underlying system.
Sanitization: The provided logic does not demonstrate any sanitization, validation, or escaping of the ingested data signals before they are used to update system preferences or strategies.
[COMMAND_EXECUTION]: The skill requests the Bash and Write tools to perform "system evolution" and "performance tuning." The logic includes executing an "evolution roadmap" via implement_evolution_step, which allows for the execution of shell commands or scripts generated from processed patterns and user interactions.
[COMMAND_EXECUTION]: The functions execute_evolution and implement_optimization suggest a framework for runtime modification of the system environment based on the output of the learning engine, which could be exploited to run arbitrary commands if the analysis is manipulated.

moai-learning-optimizer