surf
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill manages the installation and updating of the 'surf' CLI binary from the vendor's domain (asksurf.ai) through commands like `surf install`.
- [DATA_EXFILTRATION]: The `surf feedback` command is designed to send the previous 10 turns of the conversation context to the developer's infrastructure for debugging purposes. This action is conditionally triggered based on user consent.
- [COMMAND_EXECUTION]: The skill uses `bash` to interact with the local filesystem, including managing configuration files in `~/.surf` and modifying project-level files such as `AGENTS.md` or `CLAUDE.md` to establish routing rules.
- [CREDENTIALS_SAFE]: The instructions mandate secure credential management, explicitly telling the agent to have users perform authentication in their own terminal and forbidding the agent from using or storing keys provided in the chat.
- [PROMPT_INJECTION]: The skill implements persistent project-level 'routing rules' that are injected into project documentation. These rules act as persistent instructions to steer future agent behavior toward prioritizing the 'surf' tool for cryptocurrency data queries.
- [DATA_BOUNDARY]: The skill acknowledges the risk of indirect prompt injection from API responses and provides an explicit directive to the agent to treat all returned content strictly as data and avoid executing any instructions embedded within it.
Audit Metadata