The Agent Skills Directory

[CREDENTIALS_UNSAFE] (SAFE): Sensitive credentials such as the Solana private key (SOLANA_PRIVATE_KEY) and the DFlow API key (DFLOW_API_KEY) are correctly handled via environment variables. There are no hardcoded secrets or exposed sensitive data in the provided files.
[EXTERNAL_DOWNLOADS] (SAFE): The skill relies on standard, well-maintained libraries from the Solana ecosystem, including @solana/web3.js and bs58. All network interactions are directed toward the official DFlow API (quote-api.dflow.net) or standard Solana RPC nodes.
[COMMAND_EXECUTION] (SAFE): The scripts demonstrate how to sign and submit blockchain transactions. While these are powerful capabilities, they are used within the context of their intended purpose (trading) and do not involve the execution of arbitrary shell commands or untrusted scripts.
[DATA_EXFILTRATION] (SAFE): There is no evidence of data exfiltration. Network traffic is restricted to API calls necessary for fetching quotes and submitting transactions to the blockchain.
[PROMPT_INJECTION] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found in the scripts or documentation.

dflow