starknet-agentic-skills

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing verified development tools such as Starknet Foundry and the Cartridge Controller CLI from their official repositories (e.g., github.com/foundry-rs and github.com/cartridge-gg). These are well-known tools in the Starknet ecosystem.
  • [COMMAND_EXECUTION]: Several orchestration and quality scripts (e.g., audit_local_repo.py, profile.py) utilize subprocess.run or Bash commands to interface with developer tools like git, scarb, and snforge. These executions are scoped to local repository maintenance and security auditing workflows.
  • [DATA_EXFILTRATION]: Private keys and sensitive credentials are managed via environment variables or stored in isolated user-controlled directories (e.g., ~/.openclaw/secrets). The starknet-anonymous-wallet script implementation includes explicit path validation to prevent path traversal when loading these keys.
  • [PROMPT_INJECTION]: The cairo-auditor skill ingests external threat intelligence from the web but implements strict guidance for specialist agents to treat this data as 'prioritization hints only.' Findings must still be proven against local in-scope code, mitigating indirect prompt injection risks.
  • [SAFE]: No obfuscation, persistence mechanisms, or unauthorized privilege escalation patterns were detected. The skill set follows professional software engineering practices and provides clear security boundaries for autonomous agent operations.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 12, 2026, 05:36 AM