The Agent Skills Directory

[SAFE]: The skill is a standard portfolio management tool that reads blockchain data and metadata. No malicious patterns such as obfuscation, persistence, or privilege escalation were detected.
[COMMAND_EXECUTION]: The skill utilizes the dflow CLI tool (specifically dflow positions) to fetch local wallet data. This is an expected interaction with the vendor's provided tooling.
[EXTERNAL_DOWNLOADS]: The instructions reference official vendor resources for documentation and API access, including https://pond.dflow.net/mcp and https://prediction-markets-api.dflow.net. These are legitimate endpoints associated with the skill's stated purpose.
[CREDENTIALS_UNSAFE]: The skill explicitly directs the agent to ask the user for a DFlow API key and Solana RPC URL when using the HTTP pipeline, rather than attempting to harvest them from the environment or hardcode them, which aligns with safe development practices.

dflow-kalshi-portfolio