cobo-agentic-wallet-dev

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill contains explicit defensive instructions teaching the agent to recognize and reject prompt injection attempts such as 'ignore previous instructions' or 'switch to unrestricted mode'. Static detector flags for these patterns are false positives as they occur within a security blacklist for defensive purposes.
  • [EXTERNAL_DOWNLOADS]: The bootstrap-env.sh script downloads the caw CLI and TSS Node binaries from official vendor domains (agenticwallet.cobo.com and tss.cobo.com). This is the standard installation process for the tool.
  • [COMMAND_EXECUTION]: The skill uses a custom CLI (caw) for blockchain operations. It enforces a 'negotiate first, act later' model where the agent must obtain user/owner approval via 'pacts' before executing financial transactions.
  • [REMOTE_CODE_EXECUTION]: The skill guides the agent to create and run Python or TypeScript scripts for complex multi-step DeFi workflows. This dynamic execution is the intended purpose of the developer-focused wallet skill and is mitigated by the SDK's use of infrastructure-enforced spending limits and approval requirements.
  • [DATA_EXFILTRATION]: While the skill manages sensitive operations, it includes specific instructions in security.md to protect API keys and never share them with other skills or include them in log outputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 08:14 AM