meme-executor

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): scripts/auto-trader.ts utilizes child_process.spawnSync to invoke scripts/execute-trade.ts via the npx tsx runner. While the script path is resolved locally, this subprocess execution model increases the attack surface for potential command-line manipulation if validation logic is circumvented.
  • EXTERNAL_DOWNLOADS (LOW): The skill performs outbound network requests using fetch() to the Jupiter Aggregator API (quote-api.jup.ag) and Solana RPC endpoints (e.g., api.mainnet-beta.solana.com). These connections to non-whitelisted domains are necessary for its blockchain functionality but represent an external communication channel.
  • PROMPT_INJECTION (LOW): A surface for indirect prompt injection exists in scripts/auto-trader.ts. The script ingests untrusted token metadata (price, liquidity, security metrics) from external JSON files and uses it to drive automated trading decisions and generate trade plans. Maliciously crafted data could influence the automated decision-making logic.
      • Ingestion points: scripts/auto-trader.ts (via the loadMemeTokens function reading from an external file).
      • Boundary markers: Absent; data is parsed into objects but lacks strict instruction isolation or delimiters.
      • Capability inventory: Automated trade plan generation and simulated execution via subprocess.
      • Sanitization: Partial; basic threshold-based filtering (e.g., liquidity checks, risk scores) is applied in the shouldConsiderToken function.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:17 PM