The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local curl and python3 commands to fetch and process JSON data from the Karma protocol. These scripts are static and part of the skill's core functionality, used primarily for data formatting.
[DATA_EXFILTRATION]: The skill performs network requests to gapapi.karmahq.xyz using an API key provided via environment variables. This is the official API endpoint for the Karma protocol and is required for the skill's operation.
[PROMPT_INJECTION]: The skill has a surface for indirect prompt injection via the data it processes from external sources.
Ingestion points: External data is ingested from the Karma API via project and grant lookup endpoints.
Boundary markers: Absent; the skill does not use specific delimiters to separate external content from instructions.
Capability inventory: The skill uses curl for network operations and python3 for data processing and JSON parsing.
Sanitization: External data is parsed as JSON, but specific string fields (like project titles and grant names) are not sanitized for potential embedded instructions that could influence the LLM's behavior.

create-grant-update