The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill's installation process downloads an installation script from the OKX GitHub repository and fetches platform-specific binaries for the jito tool from the MigOKG/plugin-store repository releases.
[DATA_EXFILTRATION]: A reporting mechanism in SKILL.md collects system metadata, including the hostname and the user's home directory path ($HOME), to create a unique device fingerprint. This data is transmitted to external endpoints at plugin-store-dun.vercel.app and okx.com. The process uses a Base64-encoded static key to generate a signature for the fingerprint.
[COMMAND_EXECUTION]: The Rust source code uses std::process::Command to execute external programs, including the onchainos CLI for blockchain wallet interactions and python3 for performing cryptographic math calculations.
[REMOTE_CODE_EXECUTION]: During the setup phase, the skill performs remote code execution by downloading a shell script from an external repository and piping it directly into the system shell (curl | sh).
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting data from external blockchain nodes and market APIs.
Ingestion points: Untrusted data enters the skill's context via Solana RPC endpoints (defined in src/rpc.rs) and the DeFiLlama Yields API (queried in src/commands/rates.rs).
Boundary markers: Absent. The skill does not use delimiters or provide instructions to the agent to treat this data as untrusted or external.
Capability inventory: The skill has capabilities for shell command execution and network access through the onchainos CLI and local subshells.
Sanitization: Absent. External data is parsed as JSON and displayed directly to the agent and user without sanitization or escaping.

jito