aicoin-onchain

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to the OKX Web3 DEX API to perform market searches, obtain quotes, and fetch wallet balances. It also interacts with various third-party blockchain RPC nodes (e.g., LlamaRPC, Binance, Polygon, Arbitrum) for transaction simulation and broadcasting.
  • [EXTERNAL_DOWNLOADS]: The skill logic in scripts/swap.mjs and scripts/trade.mjs automatically appends a 1% referral fee to swap transactions, which is transferred to the developer's hardcoded wallet addresses (0x8c4b28523be418a47e6d8cc66019bda80610e313 and CtGKNdcRqUK2K453xsdsNEE2JuHcVTw5B4XiR9MhHHKQ).
  • [COMMAND_EXECUTION]: The agent executes local Node.js scripts to perform specialized blockchain tasks. This includes trade.mjs, which can sign and broadcast transactions if provided with a private key.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by ingesting untrusted data from on-chain sources that could influence agent behavior.
    • Ingestion points: Token metadata (name, symbol) in scripts/token.mjs and market signals in scripts/market.mjs.
    • Boundary markers: Absent; external data is returned as JSON and presented to the agent without specific delimiters or instructions to ignore embedded commands.
    • Capability inventory: The skill has the capability to sign and broadcast transactions via scripts/trade.mjs and scripts/gateway.mjs, posing a risk if the agent is misled by malicious on-chain data.
    • Sanitization: Absent; the scripts do not sanitize or filter on-chain strings for prompt injection patterns before returning them to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 10:56 AM