The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from external sources. * Ingestion points: The skill fetches work evidence from IPFS via the 'evidence_cid' parameter in 'references/verification.md' and processes user-supplied data in paywalled functions in 'references/payments.md'. * Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the ingested data. * Capability inventory: The agent has significant capabilities, including executing blockchain transactions and submitting work scores, which could be misused if the agent is manipulated by malicious input. * Sanitization: The skill lacks explicit sanitization or validation logic for data retrieved from external IPFS links.
[EXTERNAL_DOWNLOADS]: The skill depends on external packages and services. * Dependencies: It requires 'chaoschain-sdk' and 'web3' from the standard PyPI registry. * Network operations: It communicates with the vendor's gateway at 'https://gateway.chaoscha.in' for workflow management and transaction processing, which is consistent with its stated purpose.

chaoschain-sdk