aomi-transact

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and execute the @aomi-labs/client package from the public NPM registry. All such invocations are pinned to a specific version (e.g., @0.1.30) in the instructions to prevent the execution of unverified or malicious updates.
  • [COMMAND_EXECUTION]: The agent is authorized to execute specific binaries (aomi, npx) as defined in the permissions.shell manifest. This restricted scope follows the principle of least privilege by preventing the agent from running arbitrary system commands.
  • [DATA_EXFILTRATION]: User secrets (such as API keys for specific crypto apps) are transmitted to the vendor's backend at api.aomi.dev. The skill documentation explicitly identifies this trust boundary to the user and ensures the agent does not perform credential setup without an explicit request and user-provided values.
  • [SAFE]: The skill implements a 'simulate-before-sign' workflow where transactions are dry-run on a forked chain before being presented to the user. It specifically includes 'drain vector' analysis to detect and block attempts to redirect funds to unauthorized addresses. The mandatory human-in-the-loop step for signing (aomi tx sign) ensures that the agent cannot broadcast transactions autonomously.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 10:27 AM