The Agent Skills Directory

[SAFE]: The skill uses an external OpenAPI schema located at https://raw.githubusercontent.com/holon-run/uxc/main/skills/nodit-openapi-skill/references/nodit-web3.openapi.json. Since this repository is owned by the skill's author ('holon-run'), it is considered a legitimate vendor resource.
[SAFE]: Authentication is handled via standard uxc credential management. The skill correctly instructs users to store sensitive API keys in environment variables (NODIT_API_KEY) rather than hardcoding them, which is a secure practice.
[SAFE]: The skill implements explicit 'Guardrails' and rate-limit handling (HTTP 429 TOO_MANY_REQUESTS), encouraging the agent to back off and avoid aggressive polling, which prevents accidental service disruption.
[SAFE]: Command execution is restricted to the uxc CLI tool and the nodit-openapi-cli link created through it. The operations are limited to a curated set of read-only GET/POST endpoints defined in the provided OpenAPI schema, minimizing the attack surface.
[SAFE]: The validation script (scripts/validate.sh) is used for internal development to ensure schema integrity and consistency across documentation, with no runtime execution risks to the end user.

nodit-openapi-skill