The Agent Skills Directory

[PROMPT_INJECTION]: The skill includes explicit instructions to ensure the agent does not disclose sensitive Nostr Wallet Connect (NWC) connection strings or log them. It also acknowledges the processing of untrusted Lightning Network data (invoices and addresses) as an inherent requirement of its functional domain.
[DATA_EXFILTRATION]: Provides clear guidelines on credential safety, advising developers to manage NWC secrets through environment variables and strictly avoiding logging or sharing them.
[COMMAND_EXECUTION]: Example commands include legitimate uses of curl for interacting with the testing faucet and npx for installing the skill, both targeting official vendor services.
[EXTERNAL_DOWNLOADS]: References official npm packages such as @getalby/sdk, @getalby/lightning-tools, and @getalby/bitcoin-connect. It also utilizes a sandbox testing faucet at faucet.nwc.dev, which is an authorized resource for developer testing within the Alby ecosystem.

alby-bitcoin-builder