executing-agw-transactions

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the agw CLI tool to perform various blockchain operations, including signing messages, sending transactions, and deploying contracts. This execution is scoped to the tool's specific functionality and includes mandatory dry-run steps to prevent accidental or malicious execution.
  • [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it interpolates user-provided data into JSON payloads for shell commands. However, the risk is mitigated by the instruction to always perform a dry-run preview and require explicit confirmation.
      • Ingestion points: User-provided data in the --json arguments of the agw commands (SKILL.md).
      • Boundary markers: The instructions use single quotes for JSON strings in examples but do not specify robust programmatic boundaries.
      • Capability inventory: Execution of the agw CLI for transaction signing, broadcasting, and contract interaction across all listed tasks.
      • Sanitization: No automated sanitization or escaping is defined in the instructions; the skill relies on the agent's dry-run capability and user verification as the primary security controls.
  • [CREDENTIALS_UNSAFE]: The skill refers to AGW_* environment variables for runtime configuration. This is a standard and safe practice for CLI secret management, and the skill does not contain any hardcoded credentials or instructions that would lead to credential exfiltration.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 12:11 PM