The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the membrane CLI to interact with BTCPay Server. These commands are used for legitimate management tasks like listing invoices, creating payment requests, and managing stores.
[EXTERNAL_DOWNLOADS]: The instructions include installing the @membranehq/cli package via npm. This is the official tool provided by the skill author for interacting with their platform.
[CREDENTIALS_UNSAFE]: The skill follows security best practices by explicitly instructing the agent never to ask the user for API keys or tokens, instead using the membrane login flow which handles authentication securely on the server side.
[PROMPT_INJECTION]: The skill processes external data from BTCPay Server (such as invoice descriptions). This represents a surface for indirect prompt injection. Evidence: 1. Ingestion points: BTCPay Server API data via membrane action run. 2. Boundary markers: None. 3. Capability inventory: Command execution and network operations via membrane CLI in SKILL.md. 4. Sanitization: Not specified. No malicious patterns were detected and the risk is considered low for this integration.

btcpay-server