farming-planner
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Automated alerts flagged a 'piped to python3' pattern; however, technical analysis confirms this is used to pipe JSON data from trusted vendor APIs into a locally-defined script for processing. The skill uses locally generated scripts via heredocs to maintain control over the execution environment.
- [COMMAND_EXECUTION]: Employs `curl`, `python3`, and `cast` for data retrieval and blockchain interaction. The skill implements 'MANDATORY SECURITY RULES' that enforce the use of single quotes for shell variables and restrict the use of dangerous CLI flags like `--private-key`, recommending secure keystores instead.
- [EXTERNAL_DOWNLOADS]: Fetches pool configurations and pricing data from vendor domains (`pancakeswap.com`, `pancakeswap.finance`) and well-known industry services (`coingecko.com`, `dexscreener.com`). These sources are recognized as safe and are necessary for the skill's primary function.
- [PROMPT_INJECTION]: While the skill processes untrusted data from external APIs (Indirect Prompt Injection surface), it mitigates this risk through explicit instructions to the agent to treat API content as verbatim text only and to apply strict regex validation (`^0x[0-9a-fA-F]{40}$`) to all addresses and identifiers.
Audit Metadata