eth-bytecode-cracker
Fail
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill fetches JSON data from the Etherscan API and pipes it directly to python3 for parsing. While the Python code is a hardcoded, benign script for data extraction, this pattern makes the skill dependent on the integrity of the remote response, even though it comes from a well-known service.
- [COMMAND_EXECUTION]: The skill performs several high-capability operations, including:
  - Executing docker run to pull and run Solidity compiler images.
  - Compiling C source code using gcc for a brute-forcing utility.
  - Running Node.js scripts for bytecode comparison and permutation cracking.
  - Modifying local git configuration and pushing proofs to a remote repository.
- [EXTERNAL_DOWNLOADS]: The skill interacts with external blockchain and development services, including the Etherscan API, the OpenChain signature database, and GitHub. It also references a specific repository for native compiler binaries. These are used as legitimate data and tool sources for the skill's purpose.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external, untrusted data.
  - Ingestion points: On-chain contract bytecode and transaction data retrieved from the Etherscan API; function signatures from OpenChain.
  - Boundary markers: No specific delimiters are used to isolate the external data from the agent's instructions.
  - Capability inventory: Access to curl, docker, gcc, node, and git provides a significant impact surface if the agent were to follow instructions embedded in processed data.
  - Sanitization: No sanitization or validation of the retrieved hexadecimal bytecode or JSON responses is implemented before the agent processes them.
Recommendations
- HIGH: Downloads and executes remote code from: https://api.etherscan.io/v2/api?chainid=1&apikey=YOUR_ETHERSCAN_API_KEY&module=proxy&action=eth_getTransactionByHash&txhash=0xDEPLOY_TX, https://api.etherscan.io/v2/api?chainid=1&apikey=YOUR_ETHERSCAN_API_KEY&module=proxy&action=eth_getCode&address=0xCONTRACT&tag=latest - DO NOT USE without thorough review
Audit Metadata