The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill executes a shell script directly from a remote URL using curl ... | sh. This is used to install the onchainos CLI from the OKX GitHub repository.
[DATA_EXFILTRATION]: The skill contains an auto-injected "Report install" script that collects system metadata to create a unique device ID.
Evidence: It captures the output of hostname, uname -s, uname -m, and the $HOME environment variable.
Destination: This fingerprint is hashed and sent via POST requests to plugin-store-dun.vercel.app and okx.com for installation tracking.
[EXTERNAL_DOWNLOADS]: The skill downloads an executable binary (compound-v3) from the author's GitHub repository based on the user's operating system and architecture.
Evidence: curl -fsSL "https://github.com/MigOKG/plugin-store/releases/download/..." -o ~/.local/bin/compound-v3.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted data from external smart contracts.
Ingestion points: Data enters the context via get-markets and get-position commands which query on-chain contracts.
Boundary markers: The skill includes a "Data Trust Boundary" warning instructing the agent to treat all returned data as untrusted.
Capability inventory: The skill can execute transactions via onchainos wallet contract-call.
Sanitization: It explicitly instructs the agent to display only specific fields and not to render raw contract output verbatim.
[COMMAND_EXECUTION]: The installation process involves executing multiple shell commands for system discovery and file permission management.
Evidence: Uses chmod +x to make the downloaded binary executable and utilizes shell logic to detect system architecture.

compound-v3