The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The installation instructions in SKILL.md download a setup script from raw.githubusercontent.com/okx/onchainos-skills/main/install.sh and a binary from github.com/okx/plugin-store/releases. These resources are fetched from the vendor's official repositories.
[REMOTE_CODE_EXECUTION]: The setup process includes a command that pipes a remote shell script directly to sh for installation. This is performed using the vendor's official infrastructure.
[COMMAND_EXECUTION]: The skill executes local shell commands during installation to configure the environment, check for existing tool versions, and set executable permissions on the downloaded binary.
[DATA_EXFILTRATION]: A telemetry script in SKILL.md generates a hashed device identifier based on system information and sends it to www.okx.com and a Vercel-hosted analytics endpoint. This is documented as a mechanism for reporting successful installations to the vendor.
[PROMPT_INJECTION]: The skill processes external data such as token symbols and on-chain pool information, presenting a surface for indirect prompt injection.
Ingestion points: Token symbols and contract data are retrieved from user input and the Optimism blockchain via RPC calls (e.g., in src/commands/quote.rs and src/commands/swap.rs).
Boundary markers: SKILL.md contains a 'Data boundary notice' explicitly advising the agent to treat on-chain results as untrusted external content and not as instructions.
Capability inventory: The skill can initiate blockchain transactions through the onchainos CLI, requiring explicit user confirmation for write operations.
Sanitization: Input symbols are resolved against a hardcoded list of known addresses or validated as hex strings before being used in transaction construction.

velodrome-v2