liberfi-token
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the agent to download and install the @liberfi.io/cli package from the official npm registry. Because this resource is owned by the skill's author and hosted on a well-known service, it is considered a legitimate dependency.
- [COMMAND_EXECUTION]: The skill utilizes the lfi (LiberFi) command-line interface to perform token searches, audits, and data retrieval. It also instructs the agent to execute npm install for global package management if the tool is missing.
- [REMOTE_CODE_EXECUTION]: The instruction to install a package via npm involves the execution of code downloaded from a remote registry during the installation phase.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from blockchain sources, such as token metadata and descriptions.
  - Ingestion points: Data returned by lfi token search, lfi token info, and other blockchain-specific query commands defined in SKILL.md.
  - Boundary markers: The skill lacks explicit delimiters or instructions to treat external data as untrusted, which could lead the agent to follow instructions embedded in token metadata.
  - Capability inventory: The skill possesses the capability to execute shell commands (lfi) and install software (npm) as described in the operation flow.
  - Sanitization: No sanitization or validation mechanisms are mentioned for the data ingested from external blockchain APIs.
Audit Metadata