aicoin-market

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill makes legitimate requests to the official AiCoin API domains (open.aicoin.com and www.aicoin.com) to fetch market data, news, and project analysis.
  • [CREDENTIALS_UNSAFE]: The file lib/defaults.json contains a hardcoded public API key and secret for the AiCoin free tier. This is a documented fallback to provide out-of-the-box functionality for users without their own keys.
  • [DATA_EXPOSURE]: The script scripts/coin.mjs includes an api_key_info action that inspects the local environment configuration. It follows security best practices by redacting the API secret and only displaying a truncated preview of the Access Key ID to the user.
  • [COMMAND_EXECUTION]: The skill's core functionality is delivered through Node.js scripts that execute local data retrieval. The update_key command allows for local configuration management, including a validation step to ensure the provided keys are functional before writing them to the .env file.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources such as crypto news and Twitter feeds. While this content is untrusted, the skill serves primarily as a data retrieval and display layer, and the agent instructions emphasize data integrity and the use of specific scripts over general web search tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 08:30 AM