pay-for-service
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The skill utilizes npx awal@latest, which downloads a package from the public npm registry at runtime. Neither the author 0xrag nor the awal package are recognized as trusted sources, posing a supply-chain risk.
- [REMOTE_CODE_EXECUTION] (HIGH): By running an unversioned (@latest) and untrusted package via npx, the skill allows for the execution of arbitrary code fetched from a remote repository during tool invocation.
- [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its core functionality: making payments to URLs found in external data.
  - Ingestion points: The <url>, body data (-d), and headers (-h) are sourced from external API/web content.
  - Boundary markers: None are present to distinguish between instructions and data.
  - Capability inventory: The skill uses Bash to perform blockchain transactions (USDC payments).
  - Sanitization: No sanitization or validation of the URL or payment amount is performed before the shell command is constructed.
- [COMMAND_EXECUTION] (HIGH): Grants the agent power to execute shell commands with significant side effects (financial transactions). If the agent is manipulated via untrusted data, it can be coerced into draining the user's USDC balance by calling attacker-controlled endpoints with large --max-amount values.
Recommendations
- AI detected serious security threats
Audit Metadata