The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes an externally-sourced prose document ('doc' field) to generate answers. An attacker could potentially embed malicious instructions within this document to influence the agent's behavior.
Ingestion points: The 'doc' field retrieved from the 'https://coalmine.fun/api/challenges/request' endpoint (documented in SKILL.md).
Boundary markers: The skill instructions in SKILL.md include specific output formatting constraints (10 lines, short answers, no reasoning) to mitigate model obedience to embedded instructions.
Capability inventory: The skill utilizes shell commands via 'curl' and JavaScript for transaction signing and submission.
Sanitization: The instructions do not specify any validation or sanitization of the 'doc' content prior to processing by the model.
[COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using 'curl' to interact with the project's API for mining operations and reward management. This is the intended functionality of the skill.
[EXTERNAL_DOWNLOADS]: The skill fetches challenge data, swap quotes, and transaction data from 'coalmine.fun' and 'lite-api.jup.ag'. These sources correspond to the project's official domain and a well-known Solana service (Jupiter DEX), representing standard operations for a blockchain-based mining utility.

coal-miner