The Agent Skills Directory

[PROMPT_INJECTION]: The skill includes a "Bazaar" extension for resource discovery which represents an indirect prompt injection surface by allowing the ingestion of external tool and resource definitions.
Ingestion points: Resource metadata and tool definitions enter the agent's context through discovery API responses (/discovery/resources) and facilitator responses (/verify, /settle).
Boundary markers: The protocol utilizes structured JSON for all data transmission and incorporates JSON Schema for the validation of extension information.
Capability inventory: The skill enables network operations (Axios, Fetch, httpx) and the execution of Model Context Protocol (MCP) tools.
Sanitization: All core payment authorizations are protected by cryptographic signature verification (EIP-712, Ed25519, etc.) and pre-settlement transaction simulation.
[EXTERNAL_DOWNLOADS]: The skill references and suggests installation of official SDK packages including @x402/* NPM packages, x402 Python packages, and the github.com/coinbase/x402/go Go module. All external references target official project documentation and facilitator services hosted by reputable organizations like Coinbase.
[CREDENTIALS_UNSAFE]: Code examples demonstrate the secure handling of private keys using environment variables (process.env.EVM_PRIVATE_KEY and os.getenv("EVM_PRIVATE_KEY")), following standard security best practices.
[COMMAND_EXECUTION]: The skill facilitates tool execution through the Model Context Protocol (MCP), enabling AI agents to perform paid actions in a structured and metered environment.
[DATA_EXFILTRATION]: Network operations are limited to necessary protocol communications with blockchain RPC nodes and official facilitators (e.g., x402.org and coinbase.com).

x402