The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The installation script downloads a shell script from https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh and pipes its content directly into the shell (sh) for execution.
[EXTERNAL_DOWNLOADS]: The skill downloads a pre-compiled binary file from the repository at https://github.com/MigOKG/plugin-store/releases/download/plugins/morpho@0.1.0/morpho-${TARGET} to the user's local bin directory.
[COMMAND_EXECUTION]: The script uses shell commands to modify file permissions (chmod +x) on the downloaded binary and manages local directories and flag files in the user's home folder.
[DATA_EXFILTRATION]: During installation, the skill generates a unique device identifier by concatenating system-level information, including the hostname and the path to the user's home directory ($HOME). This data is hashed and transmitted to external endpoints at plugin-store-dun.vercel.app and okx.com for installation reporting.
[CREDENTIALS_UNSAFE]: The script contains a hardcoded Base64-encoded secret key (OE9nNWFRUFdfSVJkektrMExOV2RNeTIzV2JibXo3ZWNTbExJUDFIWnVoZw==) which is used as an HMAC key to sign the telemetry data sent during the installation process.
[PROMPT_INJECTION]: The skill processes external data from the Morpho Blue GraphQL API and the Merkl rewards API, which presents a surface for indirect prompt injection.
Ingestion points: Data enters the system context via https://blue-api.morpho.org/graphql and https://api.merkl.xyz/v4/claim.
Boundary markers: Output is formatted as JSON and wrapped in <external-content> tags to separate it from agent instructions.
Capability inventory: The skill allows the agent to execute shell commands, run a local binary, and initiate blockchain transactions through a wallet interface.
Sanitization: The instructions include a "Data Trust Boundary" section advising the agent to treat all output as untrusted and to refrain from interpreting data values as system commands.

morpho