The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill fetches the starkfi package from the official npm registry at runtime using npx. This is documented as an external dependency for the skill's functionality.- [REMOTE_CODE_EXECUTION]: The skill executes the starkfi package downloaded from npm via npx. Running code directly from a remote registry involves inherent risks, although the source registry is a well-known service.- [COMMAND_EXECUTION]: The skill instructs the agent to perform token swaps, check balances, and verify transaction statuses by executing shell commands through the Bash tool.- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface where user-provided arguments are interpolated into shell commands.
Ingestion points: User input for amount, from token, to token, and slippage percentage in SKILL.md.
Boundary markers: No boundary markers or instructions to ignore embedded commands are present in the prompt templates.
Capability inventory: The skill has the capability to execute shell commands with the Bash tool.
Sanitization: No sanitization or validation logic is specified for the user-supplied parameters before they are passed to the shell.

trade