The Agent Skills Directory

[SAFE]: No malicious patterns or security vulnerabilities were detected. The skill is highly structured and focuses on enforcing code quality and security standards (TRUST 5 framework).
[COMMAND_EXECUTION]: The skill includes an explicit 'Execution Rules' module that forbids the use of dangerous shell commands such as 'sudo', 'rm -rf', and 'chmod 777'. It mandates that the agent must delegate tasks rather than executing them directly.
[DATA_EXFILTRATION]: No exfiltration patterns were found. The skill documentation explicitly identifies sensitive directories (e.g., .ssh, .aws, .env, .github/workflows/secrets) as protected paths and instructs the agent to deny access to them.
[REMOTE_CODE_EXECUTION]: There is no evidence of remote code execution. External tools mentioned (such as ruff, bandit, black, and detect-secrets) are standard industry utilities for linting, formatting, and security auditing.
[PROMPT_INJECTION]: No prompt injection or behavior override patterns were detected. The use of specialized commands (e.g., /moai:1-plan, /clear) is documented as part of a legitimate development workflow for context and token management.

moai-foundation-core