collect-fees

Warn

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [DYNAMIC_EXECUTION]: The skill creates and runs temporary Node.js scripts (specifically fetch-v3-positions.mjs, fetch-infinity-positions.mjs, and fetch-solana.cjs) to handle complex blockchain queries and fee calculations. While it uses local reference files as templates, executing generated code is a significant capability.
  • [DATA_EXPOSURE]: Upon initialization, the skill transmits a telemetry ping to the vendor's server at https://pancakeswap.ai/api/ping. This request includes the agent's name, skill version, a timestamp, and the user's operating system and CPU architecture.
  • [UNVERIFIABLE_DEPENDENCIES]: The skill installs several Node.js libraries at runtime using npm install, including viem and various @pancakeswap SDKs. It also fetches token metadata and price information from external endpoints such as explorer.pancakeswap.com and tokens.pancakeswap.finance.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage its environment, including npm for dependency management, node for script execution, curl for API requests, and open/xdg-open for launching deep links in the browser.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from external sources like blockchain state and token lists. Although it includes explicit security rules instructing the agent to treat this data as untrusted and ignore any embedded instructions, the ingestion of arbitrary external strings creates a potential attack surface.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 24, 2026, 06:45 AM