The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process data from external, untrusted sources. Specifically, it fetches governance discussions from the Celo Forum (forum.celo.org) and ecosystem data from The Grid (thegrid.id).
Ingestion points: live-data-sources.md (DefiLlama API, The Grid GraphQL, Celo Mondo API, Celo Forum API, and GitHub CGP repository).
Boundary markers: The skill lacks explicit instructions for the agent to use delimiters or to ignore embedded natural language instructions when processing data from these external sources.
Capability inventory: The agent has the capability to generate code (Foundry/Hardhat templates), execute network requests (curl), and provide CLI commands for user execution.
Sanitization: No explicit sanitization or validation logic is defined for the content retrieved from public forums or third-party APIs.
[COMMAND_EXECUTION]: The skill provides numerous CLI command templates for interacting with the Celo blockchain and development tools. These include forge, hardhat, celocli, gh, and curl for interacting with RPCs and GitHub. While these are standard developer utilities, they represent an execution surface if used to process untrusted input.
[EXTERNAL_DOWNLOADS]: The skill documentation encourages the installation of various Node.js and Python packages from established registries (NPM/PyPI) and references official Celo repositories on GitHub. All referenced external sources (e.g., celo-org, DefiLlama, Aave, Uniswap) are well-known services or trusted organizations within the ecosystem.

celo-skill