opentrade-market

Fail

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill implements a high-risk installation and update mechanism that fetches a shell script from https://raw.githubusercontent.com/6551Team/openskills/main/skills/opentrade/install.sh and pipes it directly into the shell (| sh). This operation is performed automatically during pre-flight checks and error recovery scenarios.
  • [COMMAND_EXECUTION]: The agent is instructed to execute various local shell commands, including which, cat, and date, to manage the lifecycle and caching of the opentrade CLI tool.
  • [CREDENTIALS_UNSAFE]: The skill workflow involves managing an API token (OPEN_TOKEN) stored in a .env file. While the skill provides security warnings against committing these secrets to version control, the active handling of tokens by the agent increases the risk of exposure within session logs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Evidence Chain: (1) Ingestion points: Live on-chain market data, trade history, and meme token metadata fetched via the CLI. (2) Boundary markers: No delimiters or instructions are used to distinguish tool output from agent instructions. (3) Capability inventory: The skill has the ability to execute shell commands and write to local files. (4) Sanitization: No sanitization or validation of the external market data is performed before it is processed by the agent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/6551Team/openskills/main/skills/opentrade/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 18, 2026, 08:32 AM