The Agent Skills Directory

[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the ingestion of untrusted external metadata.
Ingestion points: scripts/get-agent.sh fetches agent profile content from IPFS gateways (gateway.pinata.cloud, ipfs.io) or arbitrary HTTP URLs specified on-chain.
Boundary markers: None. The fetched content is printed directly to the agent's context using jq or echo.
Capability inventory: The skill can submit arbitrary blockchain transactions and bridge funds via the bankr CLI.
Sanitization: No sanitization or validation of the fetched JSON content is performed before it is presented to the agent.
[EXTERNAL_DOWNLOADS]: The skill performs network operations to interact with Ethereum RPC providers and IPFS storage services.
Fetches on-chain data from eth.llamarpc.com and eth-sepolia.g.alchemy.com.
Uploads files to Pinata's API (api.pinata.cloud) using curl.
Downloads agent registration files from various IPFS gateways and remote URLs.
[COMMAND_EXECUTION]: The skill executes several local commands and CLI tools to perform its functions.
Uses bankr CLI for secure transaction prompting and execution.
Uses node locally to perform ABI encoding and decoding for Ethereum transaction data.
Uses jq for parsing and formatting JSON data.

erc-8004