The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill fetches an installation script from 'https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh' and pipes it directly to the shell to install the onchainos CLI. It also downloads and executes a Python update checker script ('update-checker.py') and a shell launcher ('launcher.sh') from the vendor's repository.
[EXTERNAL_DOWNLOADS]: The skill downloads platform-specific binary executables from GitHub releases (okx/plugin-store) and installs additional skills using the 'npx' package runner. These downloads are performed during the skill's pre-flight initialization.
[COMMAND_EXECUTION]: The skill frequently invokes the local 'onchainos' CLI to perform wallet-related tasks, including address resolution, balance checks, and the execution of on-chain swap transactions. These commands are critical to the skill's primary financial functionality.
[PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by ingesting untrusted external data from the Solana blockchain.
Ingestion points: Token metadata, reserves, and graduation states are fetched via the 'get-token-info' and 'get-price' commands from Solana RPC nodes.
Boundary markers: The 'SKILL.md' file includes a 'Data Trust Boundary' section that warns the agent to treat all returned data as untrusted and to avoid interpreting CLI output as instructions.
Capability inventory: The skill has the ability to execute financial transactions and modify wallet state through the 'onchainos swap execute' command.
Sanitization: The Rust implementation uses structured JSON output and field filtering to limit the data passed back to the agent context, though the agent still processes potentially malicious string fields like token names.

pump-fun-plugin