The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted metadata, such as token narratives, AI-generated summaries, and signal descriptions, from the Bitget Wallet API. This content enters the agent context through structured JSON responses.
Ingestion points: bitget-wallet-agent-api.py (multiple endpoints including coin-market-info, alpha-signals, and trading-dynamics).
Boundary markers: Absent; the scripts return raw JSON to the agent without additional delimiters.
Capability inventory: The skill possesses the ability to perform network requests (requests) and read/write/delete local temporary files (key_utils.py).
Sanitization: No explicit sanitization or filtering of API-returned text content is performed within the provided scripts.
[DYNAMIC_EXECUTION]: The orchestration scripts order_make_sign_send.py and social_order_make_sign_send.py utilize importlib.import_module to load the bitget-wallet-agent-api module. This is used to maintain modularity while allowing the import of a filename containing hyphens, which is a common developer pattern.
[SAFE]: The skill implements defensive practices for handling sensitive cryptographic material. Private keys are derived in memory from a mnemonic, written to unique temporary files with restricted permissions, and immediately deleted (unlinked) after the signing operation by key_utils.py. This minimizes the risk of credentials persisting on the filesystem.
[SAFE]: The skill includes self-contained implementations of complex cryptographic algorithms (Ed25519 and Base58) in order_sign.py to eliminate external dependencies for Solana operations, reducing supply-chain risk.

bitget-wallet