The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill instructs users to install legitimate SDKs and peer dependencies (e.g., mppx, pympp, viem, stripe, @buildonspark/lightning-mpp-sdk) from official package registries like npm, PyPI, and Cargo.- [COMMAND_EXECUTION]: Includes guidance on using the mppx CLI for account initialization, testing payment flows, and interacting with local or remote endpoints.- [CREDENTIALS_UNSAFE]: While the skill handles sensitive cryptographic data (BIP-39 mnemonics, HMAC secrets, private keys), it explicitly recommends secure storage methods such as environment variables and system keychains instead of hardcoding.- [INDIRECT_PROMPT_INJECTION]:
Ingestion points: Ingests payment metadata from HTTP headers and MCP JSON-RPC metadata fields.
Boundary markers: Adheres to the MPP protocol specification which uses standard HTTP authentication schemes and RFC-compliant error details.
Capability inventory: Involves blockchain interaction, network requests to payment processors, and state persistence in databases like Redis.
Sanitization: Leverages Zod for strict schema validation of all credential and request payloads to prevent injection or schema confusion.

mpp