pump-fun-mechanics

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Prompt Injection (SAFE): The skill uses role framing to establish expertise in the pump.fun protocol. It does not contain instructions to bypass safety filters, ignore previous rules, or extract system prompts. The framing is task-specific and benign.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials, API keys, or sensitive file paths were detected. While it mentions external tools like Helius and Birdeye, these are presented as data sources for the user rather than automated exfiltration points.
  • Obfuscation (SAFE): The content is clear markdown and standard TypeScript code snippets. No hidden characters, Base64 encoding, or homoglyphs were found.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not perform any package installations (npm/pip) or remote script downloads. The TypeScript snippets provided are for instructional purposes and are not executed by the skill.
  • Indirect Prompt Injection (LOW): The skill is designed to analyze external blockchain data (token names, metadata). While this presents a surface for indirect injection (e.g., a token name containing malicious instructions), the skill itself lacks the capabilities (shell access, file writing, wallet interaction) to act on such instructions. The risk is inherent to the LLM's processing of untrusted data rather than the skill's design.
  • Dynamic Execution (SAFE): No use of eval(), exec(), or runtime code generation. The skill provides templates for structured analysis output but does not compile or run code.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:24 PM