The Agent Skills Directory

[PROMPT_INJECTION]: No malicious instruction overrides, role-play bypasses, or system prompt extraction attempts were found in the skill instructions or metadata.
[DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill correctly instructs users to provide sensitive credentials (like Solana private keys) through environment variables (PRIVATE_KEY) and standard .env configuration, which is a safe and recommended practice for development tools.
[REMOTE_CODE_EXECUTION]: No remote code execution vulnerabilities were found. The skill relies on legitimate dependencies from the npm registry, specifically pnp-sdk (the core library for the PNP Protocol) and official Solana web3 libraries. There are no instances of piped remote script execution (e.g., curl | bash).
[OBFUSCATION]: All code and instructions are provided in plain text. No hidden content, encoded strings (Base64/Hex), or deceptive characters (zero-width/homoglyphs) were detected in any of the 20 files.
[INDIRECT_PROMPT_INJECTION]: The skill exposes an ingestion surface for external data, such as market questions and social media URLs (Twitter, YouTube). While this presents a theoretical surface for indirect prompt injection, the skill does not use this data in dangerous operations (like shell execution or file system writes) that would allow for exploitation within the scope of this skill.
[PRIVILEGE_ESCALATION]: The skill does not use sudo, modify file permissions (chmod 777), or attempt to acquire elevated system permissions. All operations are standard user-level activities within the Solana ecosystem.
[PERSISTENCE_MECHANISMS]: No attempts to establish persistence, such as modifying shell profiles (.bashrc), cron jobs, or system services, were detected.

pnp-markets-solana