The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill metadata and documentation specify requirements for a Solana keypair (~/.config/solana/id.json) and an RPC API_KEY. These are standard for blockchain development and are explicitly declared by the vendor as necessary for devnet/mainnet operations.
[COMMAND_EXECUTION]: The skill uses command-line tools including anchor, cargo, and light for building and testing Solana programs. These are expected for the skill's purpose.
[EXTERNAL_DOWNLOADS]: The skill references and installs multiple packages from the Lightprotocol ecosystem, such as @lightprotocol/stateless.js and @lightprotocol/zk-compression-cli. These are verified vendor resources and do not represent a security risk.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from the web (WebFetch, WebSearch, DeepWiki MCP) and has the capability to write files and execute shell commands. Ingestion points include tools for fetching documentation and searching the web. Boundary markers are not explicitly defined to prevent the agent from obeying instructions embedded in retrieved content. Capability inventory includes full access to bash (via cargo/anchor) and file editing tools. Sanitization of external data is not implemented before interpolation into agent workflows.

solana-compression