bankr
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill includes comprehensive safety documentation recommending best practices for key management and account isolation.
  - Evidence: The 'Safety & Access Control' reference (references/safety.md) details read-only API keys, IP whitelisting, and the use of dedicated agent wallets to minimize risk exposure.
- [PROMPT_INJECTION]: The skill features capabilities that ingest untrusted data from the web and third-party APIs, creating a potential surface for indirect prompt injection.
  - Ingestion points: Web browsing via a headless browser and x402 endpoint discovery/inspection as described in references/x402-cloud.md.
  - Capability inventory: The agent can perform high-impact financial actions such as token transfers, DEX swaps, leverage trading, and arbitrary transaction submission (references/arbitrary-transaction.md).
  - Boundary markers/Sanitization: The documentation does not specify internal sanitization or markers for isolating external data content.
- [COMMAND_EXECUTION]: The agent is instructed to use the vendor's official '@bankr/cli' tool for wallet management, configuration, and executing blockchain transactions.
  - Evidence: SKILL.md and various reference files (e.g., references/sign-submit-api.md) provide numerous command examples for sensitive operations like 'bankr wallet transfer', 'bankr sign', and 'bankr login'.
Audit Metadata