pay-for-service

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx agnic@latest to run the vendor's CLI tool from the NPM registry. This is the intended method for utilizing the Agnic payment service and follows standard package distribution practices.
  • [COMMAND_EXECUTION]: It uses the Bash tool to execute commands for checking wallet status, verifying account balances, and processing payments. The skill instructions mandate strict validation of user-provided URLs using regex and require that JSON payloads be parsed and validated before being passed to the command line to prevent injection.
  • [DATA_EXFILTRATION]: While the skill facilitates communication with external API endpoints, this is its primary purpose. The security risk is mitigated by explicit instructions to the agent to validate that URLs are HTTPS and do not contain shell metacharacters, along with restrictions in the allowed-tools configuration.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 23, 2026, 02:40 PM