bankr
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @bankr/cli package from the official npm or bun registry. This is a vendor-provided tool required for terminal-based interactions and wallet management.
- [COMMAND_EXECUTION]: Executes the bankr command-line utility for trading operations, configuration management, and LLM gateway setup as described in SKILL.md and references/llm-gateway.md.
- [CREDENTIALS_UNSAFE]: Stores sensitive API keys and LLM gateway keys in plain text within the ~/.bankr/config.json file on the local filesystem. The documentation advises users on proper permissioning and gitignore usage to mitigate exposure risks.
- [PROMPT_INJECTION]: Exhibits vulnerability to indirect prompt injection due to the processing of untrusted data from blockchain records, market APIs, and social media platforms.
  1. Ingestion points: Blockchain data (token names, descriptions), social media handles (Twitter/Farcaster), and market research data (references/transfers.md, references/market-research.md).
  2. Boundary markers: Documentation suggests natural language interactions with optional confirmation steps, though the /agent/submit endpoint executes immediately (references/sign-submit-api.md).
  3. Capability inventory: Significant on-chain capabilities including token swaps, transfers, leverage trading, and arbitrary transaction submission are available across all reference files.
  4. Sanitization: No explicit sanitization or filtering logic for external data is documented in the provided skill files.
Audit Metadata