The Agent Skills Directory

[PROMPT_INJECTION]: The skill contains explicit instructions in SKILL.md (Section 6) that direct the AI agent to bypass standard safety confirmation protocols. Specifically, it tells the agent to transfer BNB for gas and perform补 gas operations autonomously without human approval ("无需主人批准"), effectively overriding the default human-in-the-loop requirement for financial transactions.\n- [CREDENTIALS_UNSAFE]: The market-making functionality generates multiple blockchain private keys for 'worker' addresses and stores them in unencrypted JSON files (e.g., mm-workers-*.json) on the local disk. This exposes sensitive cryptographic material to any other users or processes with access to the agent's environment.\n- [COMMAND_EXECUTION]: The skill relies on the execution of several bundled JavaScript scripts (mm-bot.js, mm-collect.js, find-vanity-salt.js) to perform its core functions. It also directs the agent to run npm install, which can lead to the execution of arbitrary code during the dependency installation process.\n- [EXTERNAL_DOWNLOADS]: The skill interacts with the vendor's API at https://funcs.flap.sh/api/upload to store token metadata and fetches various packages from the NPM registry to support its scripts. While these are necessary for the skill's stated purpose, the combination with autonomous execution poses a risk.

flapskill