The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design.
Ingestion points: Data enters the agent context from external third-party sources via the circle services search, circle services inspect, and circle services pay tools, as well as curl requests to URLs discovered in the marketplace.
Boundary markers: The instructions lack explicit delimiters or guidance to ignore potentially malicious instructions embedded in the data retrieved from external services.
Capability inventory: The skill utilizes tools with significant capabilities, including blockchain wallet operations, CLI execution, and arbitrary network requests.
Sanitization: There is no evidence of sanitization or structural validation performed on the external content before it is processed by the agent.

pay-via-agent-wallet