The Agent Skills Directory

[DATA_EXPOSURE_AND_EXFILTRATION]: The skill utilizes an ALCHEMY_API_KEY environment variable for authentication with the Alchemy Portfolio API. It appropriately warns users not to share this key in the chat. While the key is passed within the URL path, this is the standard and required authentication method for Alchemy's data API.
[EXTERNAL_DOWNLOADS]: The skill performs network requests to api.g.alchemy.com and chain-specific Alchemy subdomains to retrieve blockchain data. Alchemy is a well-known and reputable service provider for blockchain infrastructure.
[DYNAMIC_EXECUTION]: The skill employs python3 -c for parsing JSON responses and performing mathematical conversions of hex-encoded balances. These scripts are statically defined within the skill instructions and are used exclusively for data formatting.
[INDIRECT_PROMPT_INJECTION]: The skill processes data returned from an external API. Although this constitutes a data ingestion surface, the risk is negligible as the skill focuses on structured financial data and numerical conversions with no high-privilege write capabilities.

portfolio-tracker