The Agent Skills Directory

Indirect Prompt Injection (HIGH): The skill processes untrusted external content while possessing high-privilege capabilities related to financial assets.
Ingestion points: Data enters the agent context through the natural language response and statusUpdates fields returned by the bankr_agent_get_job_status tool.
Boundary markers: The instructions fail to define any delimiters or 'ignore' directives to prevent the agent from obeying instructions embedded within the API's status messages or responses.
Capability inventory: The skill is designed to perform high-stakes actions including executing trades (e.g., 'Buy $50 of ETH on Base'), confirming transaction details, and listing account holdings.
Sanitization: There is no evidence of input validation, escaping, or filtering of the content received from the Bankr API before it influences the agent's logic.

Bankr Agent - Job Workflow