ordinals
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE (PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to the mempool.space API to retrieve fee estimates, UTXOs, and to broadcast transactions. This is a well-known service and necessary for the intended functionality.
- [COMMAND_EXECUTION]: Bitcoin transactions are signed and broadcast using local library functions. There is no evidence of arbitrary system command execution.
- [PROMPT_INJECTION]: The get-inscription subcommand exposes the agent to untrusted data from the Bitcoin blockchain.
  1. Ingestion points: get-inscription subcommand (fetches data from Bitcoin blockchain via mempool.space API).
  2. Boundary markers: Data is returned in a structured JSON format; however, there are no specific instructions to the agent to ignore potentially malicious text within the inscription body.
  3. Capability inventory: The skill includes transaction signing and broadcasting capabilities (inscribe, inscribe-reveal).
  4. Sanitization: Inscription body text is truncated to 1000 characters.
Audit Metadata